Description
VMware Horizon Connection Server (7.x before 7.8, 7.5.x before 7.5.2, 6.x before 6.2.8) contains an information disclosure vulnerability. Successful exploitation of this issue may allow disclosure of internal domain names, the Connection Server’s internal name, or the gateway’s internal IP address.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://www.vmware.com/security/advisories/VMSA-2019-0003.html
Scores
CVSS v3
5.3
EPSS
0.0072
EPSS Percentile
72.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
Status
published
Products (1)
vmware/horizon
6.0.0 - 6.2.8
Published
Apr 09, 2019
Tracked Since
Feb 18, 2026