CVE-2023-34037

5.3MEDIUM

Key Information

Vendor: Vmware
Status: Vmware Horizon Server
Vendor: CVE Published:; 4 August 2023

Summary

VMware Horizon Server contains a HTTP request smuggling vulnerability. A malicious actor with network access may be able to perform HTTP smuggle requests.

Affected Version(s)

VMware Horizon Server = Horizon Server 2306, Horizon Server 2303, Horizon Server 2212, Horizon Server 2209, Horizon Server 2206, Horizon Server 2111.x, Horizon Server 2106, Horizon Server 2103, Horizon Server 2012, Horizon Server 2006

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Aug 4, 2023
Vulnerability Reserved.
May 25, 2023

Collectors

NVD DatabaseMitre Database