VMSA-2023-0017

VMware Security Advisory

Moderate

Advisory ID:
VMSA-2023-0017

CVSSv3 Range:
5.3

Issue Date:
2023-08-03

Updated On:
2023-08-03 (Initial Advisory)

CVE(s):
CVE-2023-34037, CVE-2023-34038

Synopsis:
VMware Horizon Server updates address multiple security vulnerabilities (CVE-2023-34037, CVE-2023-34038)

1. Impacted Products

VMware Horizon Server

2. Introduction

Multiple vulnerabilities in VMware Horizon Server were responsibly reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products. 

3a. Request smuggling vulnerability (CVE-2023-34037)

Description

VMware Horizon Server contains a HTTP request smuggling vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.

Known Attack Vectors

A malicious actor with network access may be able to perform HTTP smuggle requests.

Resolution

To remediate CVE-2023-34037 apply the patches listed in the ‘Fixed Version’ column of the ‘Response Matrix’ below.

Workarounds

None.

Additional Documentation

None.

Notes

None.

Acknowledgements

VMware would like to thank Ricter Z, and Matt Landers of OccamSec for independently reporting this issue to us.

3b. Information disclosure vulnerability (CVE-2023-34038)

Description

VMware Horizon Server contains an information disclosure vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.

Known Attack Vectors

A malicious actor with network access may be able to access information relating to the internal network configuration.
 

Resolution

To remediate CVE-2023-34038 apply the patches listed in the ‘Fixed Version’ column of the ‘Response Matrix’ below.

Workarounds

None.

Additional Documentation

None.

Notes

None.

Acknowledgements

VMware would like to thank Matt Landers of OccamSec for reporting this issue to us.

Response Matrix

Product
Version
Running On
CVE Identifier
CVSSv3
Severity
Fixed Version
Workarounds
Additional Documentation

VMware Horizon Server

2306

Any

N/A

N/A

N/A

Unaffected

N/A

N/A

VMware Horizon Server

2303.x

Any

CVE-2023-34037, CVE-2023-34038

5.3

moderate

2306

None

None

VMware Horizon Server

2212.x

Any

CVE-2023-34037, CVE-2023-34038

5.3

moderate

2212.1

None

None

VMware Horizon Server

2209.x, 2206, 2203

Any

CVE-2023-34037, CVE-2023-34038

5.3

moderate

2209.1

None

None

VMware Horizon Server

2111.x, 2106, 2103, 2012, 2006

Any

CVE-2023-34037, CVE-2023-34038

5.3

moderate

2111.2

None

None

4. References

Fixed Versions(s) and Release Notes: 2306 https://docs.vmware.com/en/VMware-Horizon/8-2306/rn/vmware-horizon-8-2306-release-notes/index.html 2212.1 https://docs.vmware.com/en/VMware-Horizon/8-2212.1/rn/vmware-horizon-8-22121-release-notes/index.html 2209.1 https://docs.vmware.com/en/VMware-Horizon/8-2209.1/rn/vmware-horizon-8-22091-release-notes/index.html 2111.2 https://docs.vmware.com/en/VMware-Horizon/8-2111.2/rn/vmware-horizon-8-21112-release-notes/index.html
Downloads: 2306 https://customerconnect.vmware.com/en/downloads/info/slug/desktop_end_user_computing/vmware_horizon/2306 2212.1 https://customerconnect.vmware.com/en/downloads/info/slug/desktop_end_user_computing/vmware_horizon/2212 2209.1 https://customerconnect.vmware.com/en/downloads/info/slug/desktop_end_user_computing/vmware_horizon/2209 2111.2 https://customerconnect.vmware.com/en/downloads/info/slug/desktop_end_user_computing/vmware_horizon/2111 Mitre CVE Dictionary Links: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34037 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34038
FIRST CVSSv3 Calculator: CVE-2023-34037: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2023-34038: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5. Change Log

2023-08-03: VMSA-2023-0017 Initial security advisory.

6. Contact

E-mail: security@vmware.com
PGP key at: https://kb.vmware.com/kb/1055 
VMware Security Advisories https://www.vmware.com/security/advisories 
VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html 
VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html 
VMware Security & Compliance Blog https://blogs.vmware.com/security 
Twitter https://twitter.com/VMwareSRC
Copyright 2023 VMware Inc. All rights reserved.
 

CLICK FOR MORE INFORMATION