CVE-2023-4228 — LOW (3.1) — White Hats Nepal

Q: How severe is CVE-2023-4228?

CVE-2023-4228 has been rated LOW with a CVSS base score of 3.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-4228?

Check the references section above for vendor advisories and patch information. Affected products include: Moxa Iologik E4200 Firmware, Moxa Iologik E4200.

Vulnerability Description

A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation.

CVSS Score

3.1

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Moxa	Iologik E4200 Firmware	<= 1.6
Moxa	Iologik E4200	-

Related Weaknesses (CWE)

CWE-1004 CWE-732

References

https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230310-ioVendor Advisory
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230310-ioVendor Advisory

FAQ

What is CVE-2023-4228?

CVE-2023-4228 is a vulnerability with a CVSS score of 3.1 (LOW). A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, where the session cookies attribute is not set properly in the affected application. The vu...

How severe is CVE-2023-4228?

CVE-2023-4228 has been rated LOW with a CVSS base score of 3.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-4228?

Check the references section above for vendor advisories and patch information. Affected products include: Moxa Iologik E4200 Firmware, Moxa Iologik E4200.