CVE-2025-12811

EPSS 0.33%
Veröffentlicht 18.02.2026 22:08:25
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 1443cd92-d354-46d2-9290-d81231
CVE-Watchlists
Login
Unerledigt
Login

Cloud Suite and Privilege Access Service– HTTP request smuggling vulnerability

Improper Inconsistent Interpretation of
HTTP Requests ('HTTP Request Smuggling') in Delinea Inc. Cloud Suite and
Privileged Access Service.

If you're not using the latest Server Suite agents, this fix requires that you upgrade to Server Suite 2023.1 (agent 6.0.1) or later.  *  If you cannot upgrade to Release 2023.1 (agent version 6.0.1) or later, you can choose one of the following versions:

  *  Server Suite release 2023.0.5 (agent version 6.0.0-158)


  *  Server Suite release 2022.1.10 (agent version 5.9.1-337)

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

CNA 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerDelinea Inc.

≫

Produkt Cloud Suite and Privileged Access Service

Default Statusunaffected

Version 25.1 HF5

Status unaffected

Version 25.1 HF4 and earlier

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.33%	0.244

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
1443cd92-d354-46d2-9290-d812316ca43a	6.9	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.

https://docs.delinea.com/online-help/cloud-suite/release-notes/cloud-suite/25.1.htm#Resolved2

https://trust.delinea.com/?tcuUid=d512dd6a-fa40-421c-ac11-1be280b1cb83

https://nvd.nist.gov/vuln/detail/CVE-2025-12811

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-12811

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-12811

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-12811