Vulnerability Description
Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Honeywell | Pm43 Firmware | < p10.19.050004 |
| Honeywell | Pm43 | - |
Related Weaknesses (CWE)
References
- https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43Permissions Required
- https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43Permissions Required
- https://www.honeywell.com/us/en/product-securityProduct
- https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43Permissions Required
- https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43Permissions Required
- https://www.honeywell.com/us/en/product-securityProduct
FAQ
What is CVE-2023-3711?
CVE-2023-3711 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.This issue affects PM43 versions prior to P10.19.0...
How severe is CVE-2023-3711?
CVE-2023-3711 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-3711?
Check the references section above for vendor advisories and patch information. Affected products include: Honeywell Pm43 Firmware, Honeywell Pm43.