Session cookies attribute not set properly

CVE-2023-4217

3.1LOW

Key Information

Vendor: Moxa
Status: Pt-g503 Series
Vendor: CVE Published:; 2 November 2023

Summary

A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation.

Affected Version(s)

PT-G503 Series <= 5.2

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Risk change from: 5.3 to: 3.1 - (LOW)
Sep 5, 2024
Vulnerability published.
Nov 2, 2023
Vulnerability Reserved.
Aug 8, 2023

Collectors

NVD DatabaseMitre Database