Home

Description

Improper Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in Delinea Inc. Cloud Suite and Privileged Access Service. If you're not using the latest Server Suite agents, this fix requires that you upgrade to Server Suite 2023.1 (agent 6.0.1) or later. * If you cannot upgrade to Release 2023.1 (agent version 6.0.1) or later, you can choose one of the following versions: * Server Suite release 2023.0.5 (agent version 6.0.0-158) * Server Suite release 2022.1.10 (agent version 5.9.1-337)

PUBLISHED Reserved 2025-11-06 | Published 2026-02-18 | Updated 2026-02-19 | Assigner Delinea




MEDIUM: 6.9CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Product status

Default status
unaffected

25.1 HF5
unaffected

25.1 HF4 and earlier
affected

Credits

Dawid Dudek reporter

References

trust.delinea.com/...id=d512dd6a-fa40-421c-ac11-1be280b1cb83

docs.delinea.com/...suite/release-notes/cloud-suite/25.1.htm

cve.org (CVE-2025-12811)

nvd.nist.gov (CVE-2025-12811)

Download JSON