admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 10:41:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2023/CVE-2023-3711.md

35 lines
2.3 KiB
Markdown
Raw Normal View History

Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### [CVE-2023-3711](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3711)
![](https://img.shields.io/static/v1?label=Product&message=PC23%2F43%2C%20PD43&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=PD45%2C%20PX240&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=PM23%2F43&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=PM42&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=PM45&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=PX45%2F65&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=PX4ie%2F6ie&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=PX940&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=RP2f%2FRP4f&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%20A10.19.050004%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%20B10.19.050004%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%20F10.19.050004%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%20H10.19.050004%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%20J10.19.050004%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%20K10.19.050004%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%20M10.19.050006%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%20P10.19.050004%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%20T10.19.050004%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-384%20Session%20Fixation&color=brighgreen)
### Description
Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).
### POC
#### Reference
- https://www.honeywell.com/us/en/product-security
#### Github
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/vpxuser/CVE-2023-3711-POC
Reference in New Issue Copy Permalink