Lucene search

[email protected]NVD:CVE-2023-4217

HistoryNov 02, 2023 - 5:15 p.m.

CVE-2023-4217

2023-11-0217:15:11

CWE-1004

CWE-668

[email protected]

web.nvd.nist.gov

vulnerability

session cookies

security risks

unauthorized access

manipulation

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

4.6

Confidence

High

EPSS

0.001

Percentile

17.0%

JSON

A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation.

Affected configurations

Nvd

Node

moxaeds-g503Match-

AND

moxaeds-g503_firmwareRange<5.2

VendorProductVersionCPE
moxaeds-g503-cpe:2.3:h:moxa:eds-g503:-:*:*:*:*:*:*:*
moxaeds-g503_firmware*cpe:2.3:o:moxa:eds-g503_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
moxa	eds-g503	-	cpe:2.3:h:moxa:eds-g503:-:::::::*
moxa	eds-g503_firmware	*	cpe:2.3:o:moxa:eds-g503_firmware::::::::

References

www.moxa.com/en/support/product-support/security-advisory/mpsa-230203-pt-g503-series-multiple-vulnerabilities

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

4.6

Confidence

High

EPSS

0.001

Percentile

17.0%

JSON

Related for NVD:CVE-2023-4217

cvelist1 nessus1 prion1 vulnrichment1 cve1