CVE-2023-4217 — LOW (3.1) — White Hats Nepal

Q: How severe is CVE-2023-4217?

CVE-2023-4217 has been rated LOW with a CVSS base score of 3.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-4217?

Check the references section above for vendor advisories and patch information. Affected products include: Moxa Eds-G503 Firmware, Moxa Eds-G503.

Vulnerability Description

A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation.

CVSS Score

3.1

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Moxa	Eds-G503 Firmware	< 5.2
Moxa	Eds-G503	-

Related Weaknesses (CWE)

CWE-668 CWE-1004

References

https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230203-ptMitigationVendor Advisory
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230203-ptMitigationVendor Advisory

FAQ

What is CVE-2023-4217?

CVE-2023-4217 is a vulnerability with a CVSS score of 3.1 (LOW). A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to securit...

How severe is CVE-2023-4217?

CVE-2023-4217 has been rated LOW with a CVSS base score of 3.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-4217?

Check the references section above for vendor advisories and patch information. Affected products include: Moxa Eds-G503 Firmware, Moxa Eds-G503.