vulnerability

VMware Horizon Connection Server: CVE-2023-34037 Horizon Server HTTP request smuggling vulnerability (VMSA-2023-0017)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:P/A:N)	Aug 4, 2023	Mar 13, 2024	Jan 28, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

Aug 4, 2023

Added

Mar 13, 2024

Modified

Jan 28, 2025

Description

VMware Horizon Server contains a HTTP request smuggling vulnerability. A malicious actor with network access may be able to perform HTTP smuggle requests.

Solution(s)

vmware-horizon-connection-server-upgrade-2111_2_0vmware-horizon-connection-server-upgrade-2209_1_0vmware-horizon-connection-server-upgrade-2212_1_0vmware-horizon-connection-server-upgrade-2306_0_0

References

CVE-2023-34037
https://attackerkb.com/topics/CVE-2023-34037
URL-http://www.vmware.com/security/advisories/VMSA-2023-0017.html

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today