CVE-2023-34037

Summary

VMware Horizon Server contains a HTTP request smuggling vulnerability. A malicious actor with network access may be able to perform HTTP smuggle requests.

Affected Software

VendorProductVersion RangeStatus
n/aVMware Horizon ServerHorizon Server 2306, Horizon Server 2303, Horizon Server 2212, Horizon Server 2209, Horizon Server 2206, Horizon Server 2111.x, Horizon Server 2106, Horizon Server 2103, Horizon Server 2012, Horizon Server 2006affected

Weaknesses

  • Request smuggling vulnerability

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References