PT-2026-20542 · Delinea · Delinea Cloud Suite+2
Dawid Dudek
·
Publicado
2026-02-18
·
Atualizado
2026-02-19
·
CVE-2025-12811
CVSS v4.0
6.9
Média
| Vetor | AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Delinea Cloud Suite and Privileged Access Service versions prior to 2023.1 (agent 6.0.1)
Delinea Server Suite versions 2022.1.10 (agent version 5.9.1-337) and 2023.0.5 (agent version 6.0.0-158)
Description
The software suffers from an Improper Inconsistent Interpretation of HTTP Requests, also known as HTTP Request Smuggling. This issue affects Delinea Cloud Suite and Privileged Access Service.
Recommendations
Upgrade to Delinea Server Suite 2023.1 (agent 6.0.1) or later.
Upgrade to Delinea Server Suite release 2023.0.5 (agent version 6.0.0-158).
Upgrade to Delinea Server Suite release 2022.1.10 (agent version 5.9.1-337).
Correção
HTTP Request/Response Smuggling
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Delinea Cloud Suite
Delinea Server Suite
Privileged Access Service