PT-2023-6852 · Unknown · Pt-G503 Series

Published: 2023-08-08 · Updated: 2023-11-09 · CVE-2023-4217

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

PT-G503 Series versions prior to v5.2

Description

A vulnerability has been identified in which a session cookie attribute is not set properly in the affected application, potentially exposing user session data to unauthorized access and manipulation. The vulnerability is related to the use of cookies for storing confidential information without the HttpOnly flag.

Recommendations

For PT-G503 Series versions prior to v5.2, consider updating to version v5.2 or later to resolve the issue. As a temporary workaround, consider restricting access to session cookies to minimize the risk of exploitation. Avoid using the session cookies attribute in the affected application until the issue is resolved. At the moment, there is no information about additional mitigation measures.

Fix

Weakness Enumeration

Exposure of Resource to Wrong Sphere

Related Identifiers

BDU:2023-07861
CVE-2023-4217

Affected Products

Pt-G503 Series