What is CVE-2023-3711?

CVE-2023-3711 is a medium-severity vulnerability in Honeywell Pc23/43, Pd43, classified under Session Fixation. CVSS score: 6.4/10. Published 2023-09-12.

How severe is CVE-2023-3711?

Medium severity. CVSS v3 base score is 6.4 out of 10.

Is CVE-2023-3711 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Honeywell Pc23/43, Pd43

CVE-2023-3711

Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available f…

EPSS: 0.001 (29.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.4 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L.

Affected products

Honeywell Pc23/43, Pd43 — versions 0
Honeywell Pd45, Px240 — versions 0
Honeywell Pm23/43 — versions 0
Honeywell Pm42 — versions 0
Honeywell Pm45 — versions 0
Honeywell Px45/65 — versions 0
Honeywell Px4ie/6ie — versions 0
Honeywell Px940 — versions 0
Honeywell Rp2f/rp4f — versions 0

Weakness classification (CWE)

CWE-384 — Session Fixation

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2023-3711?: CVE-2023-3711 is a medium-severity vulnerability in Honeywell Pc23/43, Pd43, classified under Session Fixation. CVSS score: 6.4/10. Published 2023-09-12.
How severe is CVE-2023-3711?: Medium severity. CVSS v3 base score is 6.4 out of 10.
Is CVE-2023-3711 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.