Lucene search

[email protected]CVE-2023-34038

HistoryAug 04, 2023 - 12:15 p.m.

CVE-2023-34038

2023-08-0412:15:10

[email protected]

web.nvd.nist.gov

177

vmware

horizon

server

vulnerability

info disclosure

network access

information security

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.3%

JSON

VMware Horizon Server contains an information disclosure vulnerability. A malicious actor with network access may be able to access information relating to the internal network configuration.

Affected configurations

NVD

Node

vmwarehorizon_clientMatch2006

vmwarehorizon_clientMatch2012

vmwarehorizon_clientMatch2103

vmwarehorizon_clientMatch2106

vmwarehorizon_clientMatch2111

vmwarehorizon_clientMatch2111.1

vmwarehorizon_clientMatch2203

vmwarehorizon_clientMatch2212

CPENameOperatorVersion
vmware:horizon_clientvmware horizon clienteq2006
vmware:horizon_clientvmware horizon clienteq2012
vmware:horizon_clientvmware horizon clienteq2103
vmware:horizon_clientvmware horizon clienteq2106
vmware:horizon_clientvmware horizon clienteq2111
vmware:horizon_clientvmware horizon clienteq2111.1
vmware:horizon_clientvmware horizon clienteq2203
vmware:horizon_clientvmware horizon clienteq2212

CPE	Name	Operator	Version
vmware:horizon_client	vmware horizon client	eq	2006
vmware:horizon_client	vmware horizon client	eq	2012
vmware:horizon_client	vmware horizon client	eq	2103
vmware:horizon_client	vmware horizon client	eq	2106
vmware:horizon_client	vmware horizon client	eq	2111
vmware:horizon_client	vmware horizon client	eq	2111.1
vmware:horizon_client	vmware horizon client	eq	2203
vmware:horizon_client	vmware horizon client	eq	2212

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "VMware Horizon Server",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Horizon Server 2306, Horizon Server 2303, Horizon Server 2212, Horizon Server 2209, Horizon Server 2206, Horizon Server 2111.x, Horizon Server 2106, Horizon Server 2103, Horizon Server 2012, Horizon Server 2006"
      }
    ]
  }
]