Severity: Important. Publicly disclosed. Archived advisory, July 2020.

Executive Summary

Microsoft is aware of a tampering vulnerability in the way that HTTP proxies (front-ends) and web servers (back-ends) that do not strictly adhere to the HTTP/1.1 RFC handle sequences of HTTP requests received from multiple sources. An attacker who successfully exploited the vulnerability could embed additional requests in the body of a single request to a web server, allowing them to modify responses or retrieve information from another user's HTTP session. The root cause is a disagreement about message framing: bytes that the front-end treats as the body of the attacker's request are parsed by the back-end as the beginning of a new request, which is then completed by whatever the front-end forwards next on the same connection, typically another user's request.

To exploit the vulnerability against an IIS server hosting a website, an unauthenticated attacker could send a specially crafted request to a targeted IIS server that is serviced by a front-end load balancer or proxy that does not strictly adhere to the RFC. The crafted request must pass through such a non-compliant front-end; the attack depends on the front-end and back-end framing the same bytes differently.

Microsoft recommends that administrators review their front-end configurations and, if necessary, enable the request smuggling filter on the web server. Testing is required first: with the filter enabled, malformed requests are rejected rather than forwarded, so if a front-end load balancer or proxy forwards such requests, enabling the filter will cause them to fail and may disrupt communications. Confirm that the front-ends do not forward malformed requests before turning the filter on.

Enable the request smuggling filter on your web server by using Registry Editor.

Note: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk. For information about how to edit the registry, view the "Changing Keys and Values" Help topic in Registry Editor (Regedit.exe) or view the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe.
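The desync described above, modelled as an added example (this is not code from the Microsoft advisory, and not IIS or HTTP.sys logic): two toy parsers split the same byte stream under different framing rules. The lenient front-end always trusts Content-Length and ignores Transfer-Encoding (the non-compliant behaviour), the back-end honours Transfer-Encoding: chunked as RFC 7230 requires, and a third "strict" policy stands in for a request smuggling filter by refusing any request that carries both headers. The strict policy is an assumption about what such a filter does, not a description of Microsoft's implementation; the host names, paths and the attacker and victim requests are constructed for the demonstration.

```python
"""Toy model of an HTTP/1.1 request-smuggling desync (CL.TE variant).

Added example with constructed requests; not a reproduction of the advisory's
exploit. Host names and paths are placeholders.
"""
from __future__ import annotations

CRLF = b"\r\n"


class AmbiguousFraming(ValueError):
    """Raised by the 'strict' policy when a request carries both
    Content-Length and Transfer-Encoding: chunked (conflicting framing)."""


def _parse_head(stream: bytes, pos: int):
    """Parse the request line and headers starting at pos.
    Returns (request_line, headers, body_start) or None if incomplete."""
    end = stream.find(CRLF + CRLF, pos)
    if end < 0:
        return None
    lines = stream[pos:end].split(CRLF)
    headers: dict[bytes, bytes] = {}
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers, end + 4


def _read_chunked(stream: bytes, pos: int):
    """Decode a chunked body; return (body, offset just past the last-chunk)."""
    body = b""
    while True:
        line_end = stream.find(CRLF, pos)
        if line_end < 0:
            raise ValueError("truncated chunk-size line")
        size = int(stream[pos:line_end].split(b";")[0], 16)  # drop chunk extensions
        pos = line_end + 2
        if size == 0:
            # last-chunk: skip trailer lines up to and including the empty line
            while True:
                line_end = stream.find(CRLF, pos)
                if line_end < 0:
                    raise ValueError("truncated trailer section")
                if line_end == pos:
                    return body, pos + 2
                pos = line_end + 2
        body += stream[pos:pos + size]
        pos += size + 2  # chunk data plus its trailing CRLF


def parse_requests(stream: bytes, policy: str) -> list[dict]:
    """Split one connection's byte stream into requests under a framing policy:
      'cl'      lenient front-end: always trusts Content-Length, ignores TE
      'te'      RFC 7230 back-end: chunked Transfer-Encoding overrides CL
      'strict'  like 'te' but refuses requests carrying both headers (a stand-in
                for a request smuggling filter; an assumption, not HTTP.sys logic)
    """
    requests = []
    pos = 0
    while pos < len(stream):
        head = _parse_head(stream, pos)
        if head is None:
            break  # incomplete request at the tail of the stream
        request_line, headers, body_start = head
        has_cl = b"content-length" in headers
        has_te = headers.get(b"transfer-encoding", b"").lower() == b"chunked"
        if policy == "strict" and has_cl and has_te:
            raise AmbiguousFraming(f"rejected {request_line!r}: CL and TE both present")
        if has_te and policy != "cl":
            body, pos = _read_chunked(stream, body_start)
        elif has_cl:
            length = int(headers[b"content-length"])
            body = stream[body_start:body_start + length]
            pos = body_start + length
        else:
            body, pos = b"", body_start
        requests.append({"request_line": request_line.decode(),
                         "headers": headers, "body": body})
    return requests


def build_attack_stream() -> bytes:
    """Attacker's request followed by an innocent user's request on the same
    front-end-to-back-end connection (both constructed for this example)."""
    smuggled = b"GET /admin HTTP/1.1\r\nX-Swallow: "  # unfinished header absorbs the next request
    body = b"0\r\n\r\n" + smuggled                    # 'te' parser stops at the empty last-chunk
    attacker = (b"POST / HTTP/1.1\r\nHost: example.test\r\n"
                + b"Content-Length: " + str(len(body)).encode() + CRLF
                + b"Transfer-Encoding: chunked\r\n\r\n" + body)
    victim = b"GET /victim HTTP/1.1\r\nHost: example.test\r\n\r\n"
    return attacker + victim


def strict_rejects(stream: bytes) -> bool:
    """True if the strict policy refuses to forward the stream's first request."""
    try:
        parse_requests(stream, "strict")
    except AmbiguousFraming:
        return True
    return False


if __name__ == "__main__":
    stream = build_attack_stream()
    for policy in ("cl", "te"):
        lines = [r["request_line"] for r in parse_requests(stream, policy)]
        print(f"{policy:>3} policy sees: {lines}")
    print("strict policy rejects the attacker's request:", strict_rejects(stream))
```

Run as a script, the lenient front-end reports two requests (the attacker's POST and the victim's GET /victim) while the RFC-compliant back-end also reports two, but the second is the smuggled GET /admin whose unfinished X-Swallow header has absorbed the victim's request line. The strict policy refuses the attacker's request outright, which is also why the advisory asks for testing first: any legitimate traffic that a front-end forwards with the same ambiguous framing would be refused the same way.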

Overview

MS Severity: Important
MS Exploit Status: Not Exploited
MS Exploit Likelihood: Less Likely
Category: Tampering
Released: Jul 14 2020
Last Updated: Jul 14 2020
Publicly Disclosed: Yes
CISA KEV: Not Listed
Known Exploits: None Known

EPSS Score

No EPSS score available for this CVE.


Known Exploits

None known.

Acknowledgments

@Sw4mp_f0x, Andrew Stucki, @ZeddYu_Lu