Altitude Authentication Service and Communication Server Host Header Injection Vulnerability

Vulnerability

A vulnerability exists in Altitude Authentication Service and Altitude Communication Server version 8.5.3290.0, where improper handling of the Host header in HTTP requests can lead to open redirection or phishing attacks. This vulnerability allows an attacker to redirect users to a malicious URL or alter the base URL, potentially causing them to inadvertently send login credentials to a fraudulent website.

Impact

Exploitation of this vulnerability could lead to phishing attacks, where users are tricked into providing sensitive information such as login credentials to a malicious website.

Added: Jan 26, 2026, 10:25 AM

Updated: Jan 26, 2026, 3:34 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.2

remediation

0.0

relevance

2.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.2

remediation

0.0

relevance

2.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Altitude Authentication Service and Communication Server Host Header Injection Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating