CNNVD-202601-4405 Information

CNNVD ID

CNNVD-202601-4405

Related CVE

CVE-2025-41082

• CNNVD Published: 2026-01-26

Description (Chinese)

Altitude Communication Server是美国Altitude公司的一个IP联络中心软件。 Altitude Communication Server存在环境问题漏洞，该漏洞源于对单个Keep-Alive连接中多个HTTP请求的Content-Length标头分析不一致，可能导致请求隐藏、缓存投毒或安全绕过。

Description (English)

Altitude Commission Server is an IP focal point software for Altitude in the United States. There is an environmental loophole in Altitude Commission Server, which stems from inconsistent analysis of the Content-Length markers requested by several HTTPs in a single Keep-Alive connection, which may lead to requests for concealment, cache disposal or safe circumvention.

Hazard Level

High

Vulnerability Type

环境问题

Affected Vendor

Altitude

Published

2026-01-26

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-altitude-communication-server https://access.redhat.com/security/cve/cve-2025-41082