Lucene search

[email protected]CVE-2023-34038

HistoryAug 04, 2023 - 12:15 p.m.

CVE-2023-34038

2023-08-0412:15:10

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

176

vmware

horizon

server

vulnerability

info disclosure

network access

information security

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.0005 Low

EPSS

Percentile

16.2%

JSON

VMware Horizon Server contains an information disclosure vulnerability. A malicious actor with network access may be able to access information relating to the internal network configuration.

CPENameOperatorVersion
vmware:horizon_clientvmware horizon clienteq2006
vmware:horizon_clientvmware horizon clienteq2012
vmware:horizon_clientvmware horizon clienteq2103
vmware:horizon_clientvmware horizon clienteq2106
vmware:horizon_clientvmware horizon clienteq2111
vmware:horizon_clientvmware horizon clienteq2111.1
vmware:horizon_clientvmware horizon clienteq2203
vmware:horizon_clientvmware horizon clienteq2212

CPE	Name	Operator	Version
vmware:horizon_client	vmware horizon client	eq	2006
vmware:horizon_client	vmware horizon client	eq	2012
vmware:horizon_client	vmware horizon client	eq	2103
vmware:horizon_client	vmware horizon client	eq	2106
vmware:horizon_client	vmware horizon client	eq	2111
vmware:horizon_client	vmware horizon client	eq	2111.1
vmware:horizon_client	vmware horizon client	eq	2203
vmware:horizon_client	vmware horizon client	eq	2212

References

www.vmware.com/security/advisories/VMSA-2023-0017.html

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.0005 Low

EPSS

Percentile

16.2%

JSON

Related for CVE-2023-34038

prion1 cvelist1 nessus1 vmware1