CVE-2023-34038

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Aug 4, 2023

Updated: Aug 9, 2023

Summary

CVE-2023-34038 is a newly disclosed information disclosure vulnerability affecting VMware Horizon Server. This issue allows unauthorized network access actors to retrieve sensitive information about the internal network configuration. Successful exploitation could potentially lead to further attacks or unauthorized access to critical systems. VMware urges users to apply the available patch to mitigate this risk. The vulnerability does not involve user authentication or specific file access, but rather relies on network proximity.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

VMware Horizon Client

Affected Vendors

VMware Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sN2wDN
https://www.cve.org/CVERecord?id=CVE-2023-34038
https://nvd.nist.gov/vuln/detail/CVE-2023-34038

Back to Vulnerability Database