CVE-2023-5035
CVSS V2 None
CVSS V3 None
Description
A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the cookie to be transmitted in plaintext over an HTTP session. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation.
Overview
- CVE ID
- CVE-2023-5035
- Assigner
- Moxa
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-11-02T16:11:13.854Z
- Last Modified Date
- 2023-11-02T16:11:13.854Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230203-pt-g503-series-multiple-vulnerabilities | vendor-advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-5035 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5035 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 04:37:21 | Added to TrackCVE |