Altitude Communication Server Illegal HTTP Request Traffic Vulnerability Allowing Cache Poisoning and Security Bypass

Vulnerability

A vulnerability has been identified in Altitude Communication Server, related to improper handling of multiple HTTP requests over a single Keep-Alive connection. This issue arises from an inconsistent analysis of Content-Length headers, leading to a desynchronization of requests between frontend and backend servers. As a result, the vulnerability could be exploited to hide requests, poison caches, or bypass security measures.

Impact

Exploitation of this vulnerability could result in request desynchronization between frontend and backend servers, allowing for request hiding, cache poisoning, or security bypass.

Added: Jan 26, 2026, 10:25 AM

Updated: Jan 26, 2026, 3:34 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.4

remediation

0.0

relevance

2.4

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.4

remediation

0.0

relevance

2.4

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Altitude Communication Server Illegal HTTP Request Traffic Vulnerability Allowing Cache Poisoning and Security Bypass

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating