Information Disclosure Vulnerability in VMware Horizon Server
CVE-2023-34038

5.3MEDIUM

Key Information:

Vendor: Vmware
Status: VMware Horizon Server
Vendor: CVE Published:; 4 August 2023

Summary

VMware Horizon Server is susceptible to an information disclosure vulnerability that could allow unauthorized access to sensitive internal network configuration details. A malicious actor with network access may exploit this flaw to glean data that could compromise the integrity and security of the network. It is essential for organizations using VMware Horizon Server to review their network configurations and apply recommended security measures to mitigate potential threats. Visit VMware's official advisory for detailed information and remediation steps.

Affected Version(s)

VMware Horizon Server Horizon Server 2306, Horizon Server 2303, Horizon Server 2212, Horizon Server 2209, Horizon Server 2206, Horizon Server 2111.x, Horizon Server 2106, Horizon Server 2103, Horizon Server 2012, Horizon Server 2006

References

https://www.vmware.com/security/advisories/VMSA-2023-0017...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 4, 2023
Vulnerability Reserved
May 25, 2023