Vulnerabilities > Moxa > EDS G503 Firmware > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-02 | CVE-2023-4217 | Exposure of Resource to Wrong Sphere vulnerability in Moxa Eds-G503 Firmware A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application. | 5.3 |
2023-11-02 | CVE-2023-5035 | Cleartext Transmission of Sensitive Information vulnerability in Moxa Eds-G503 Firmware A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the cookie to be transmitted in plaintext over an HTTP session. | 5.3 |