A vulnerability exists in Altitude Communication Server due to inconsistent analysis of HTTP requests over Keep-Alive connections using Content-Length headers. This can lead to request desynchronization between frontend and backend servers, potentially allowing request hiding, cache poisoning, or security bypass.
Illegal HTTP request traffic vulnerability (CL.0) in Altitude Communication Server, caused by inconsistent analysis of multiple HTTP requests over a single Keep-Alive connection using Content-Length headers. This can cause a desynchronization of requests between frontend and backend servers, which could allow request hiding, cache poisoning or security bypass.