What is CVE-2023-5035?

CVE-2023-5035 is a low-severity vulnerability in Moxa Pt-g503 Series, classified under Sensitive Cookie in HTTPS Session Without 'Secure' Attribute. CVSS score: 3.1/10. Published 2023-11-02.

How severe is CVE-2023-5035?

Low severity. CVSS v3 base score is 3.1 out of 10.

Vulnerability in Moxa Pt-g503 Series

CVE-2023-5035

A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the cookie to be transmitted in plaintext over an HTTP…

EPSS: 0.001 (32.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.1 (Low). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N.

Affected products

Moxa Pt-g503 Series — versions 1.0

Weakness classification (CWE)

CWE-614 — Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

References

www.moxa.com/en/support/product-support/security-advisory/mpsa-230203-pt-g503-s… (vendor-advisory)

Frequently asked questions

What is CVE-2023-5035?: CVE-2023-5035 is a low-severity vulnerability in Moxa Pt-g503 Series, classified under Sensitive Cookie in HTTPS Session Without 'Secure' Attribute. CVSS score: 3.1/10. Published 2023-11-02.
How severe is CVE-2023-5035?: Low severity. CVSS v3 base score is 3.1 out of 10.