Lucene search

[email protected]NVD:CVE-2023-34038

HistoryAug 04, 2023 - 12:15 p.m.

CVE-2023-34038

2023-08-0412:15:10

[email protected]

web.nvd.nist.gov

vmware horizon server

information disclosure

internal network configuration

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.7%

JSON

VMware Horizon Server contains an information disclosure vulnerability. A malicious actor with network access may be able to access information relating to the internal network configuration.

Affected configurations

NVD

Node

vmwarehorizon_clientMatch2006

vmwarehorizon_clientMatch2012

vmwarehorizon_clientMatch2103

vmwarehorizon_clientMatch2106

vmwarehorizon_clientMatch2111

vmwarehorizon_clientMatch2111.1

vmwarehorizon_clientMatch2203

vmwarehorizon_clientMatch2212

References

www.vmware.com/security/advisories/VMSA-2023-0017.html

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.7%

JSON

Related for NVD:CVE-2023-34038

prion1 cvelist1 cve1 vmware1 nessus1