VDB

GCVE-110-CLOUD-2023-0026

GCVE-110-CLOUD-2023-0026
Advisory Published
Vulnetix · Advisory published June 27, 2023
A client-side desync vulnerability was discovered in Front Door, one of Azure's CDN solutions, caused by mishandling of the 'Content-Length' header in HTTP requests. Exploiting this vulnerability would most likely require user interaction through social engineering (such as clicking on a malicious link), but could allow an attacker to steal session cookies or forge responses to victim requests.

Affected Products

VendorProductVersionsPlatforms
AzureAzure Front Door
AzureCloud Services
AzureFront Door
AzureCDN

References

advisory
advisory

Browse GCVE Records

72,096 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›