CVE-2023-4217

LOW

PT-G503 Series <5.2 - Info Disclosure

Title source: llm

Description

A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation.

References (1)

[Mitigation, Vendor Advisory] https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230203-pt-g503-series-multiple-vulnerabilities

Scores

CVSS v3 3.1

EPSS 0.0015

EPSS Percentile 34.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-668 CWE-1004

Status published

Products (1)

moxa/eds-g503_firmware < 5.2

Published Nov 02, 2023

Tracked Since Feb 18, 2026