CVE-2023-34037 โ€” HTTP Request Smuggling in Vmware Horizon Client

CWE-444 โ€” HTTP Request Smuggling3 documents3 sources
Severity
5.3MEDIUMNVD
EPSS
0.8%
top 26.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Vmware Horizon Client
Timeline
PublishedAug 4

Description

VMware Horizon Server contains a HTTP request smuggling vulnerability. A malicious actor with network access may be able to perform HTTP smuggle requests.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

โ–ถNVDvmware/horizon_client8 versions+7

๐Ÿ”ดVulnerability Details

2
CVEList
CVE-2023-34037: VMware Horizon Server contains a HTTP request smuggling vulnerabilityโ†—2023-08-04
โ–ถ
GHSA
GHSA-329g-wg5g-524r: VMware Horizon Server contains a HTTP request smuggling vulnerabilityโ†—2023-08-04
โ–ถ
CVE-2023-34037 โ€” HTTP Request Smuggling in Vmware | cvebase