VMware Horizon Server contains a HTTP request smuggling vulnerability. A malicious actor with network access may be able to perform HTTP smuggle requests.
References
| Link | Resource |
|---|---|
| https://www.vmware.com/security/advisories/VMSA-2023-0017.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
09 Aug 2023, 17:21
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://www.vmware.com/security/advisories/VMSA-2023-0017.html - Vendor Advisory | |
| CWE | CWE-444 | |
| CPE | cpe:2.3:a:vmware:horizon_client:2111:*:*:*:*:*:*:* cpe:2.3:a:vmware:horizon_client:2106:*:*:*:*:*:*:* cpe:2.3:a:vmware:horizon_client:2212:*:*:*:*:*:*:* cpe:2.3:a:vmware:horizon_client:2006:*:*:*:*:*:*:* cpe:2.3:a:vmware:horizon_client:2111.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:horizon_client:2203:*:*:*:*:*:*:* cpe:2.3:a:vmware:horizon_client:2012:*:*:*:*:*:*:* cpe:2.3:a:vmware:horizon_client:2103:*:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
04 Aug 2023, 12:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-08-04 12:15
Updated : 2024-02-05 00:01
NVD link : CVE-2023-34037
Mitre link : CVE-2023-34037
CVE.ORG link : CVE-2023-34037
JSON object : View
Products Affected
vmware
- horizon_client
CWE
CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')