STAGE Release 2.0.1
Bugfixes, Performance and Stability Improvements
STAGE
-
Security vulnerability bug fix for the STAGE Suite file. STAGE version 2.0.0 of the STAGE server endpoint is vulnerable to HTTP Request Smuggling through a header-injection de-synchronization using Expect: 100-continue. An unauthenticated attacker can poison the request queue (RQP) to redirect legitimate user traffic, capture session cookies and authentication tokens from live users' requests, and trigger server-side requests to arbitrary hosts. This release fixes this critical security issue and should be applied without delay.
SAME DSP-Engine
-
N/A
WebRTC Gateway
-
N/A
Debian 12 Node
-
N/A
RSM (Riedel Software Manager)
-
N/A
VSP APP
-
N/A