Intrusion Prevention



This indicates an attack attempt to exploit the HTTP-splitting vulnerability.
The vulnerability is due to the application's failure to properly sanitize user HTTP requests. An attacker can send a specially crafted request containing malicious HTTP responses to poison the cache of the vulnerable web server. As a result, the attacker can bypass content restrictions or cause user requests to be redirected.

Affected Products

All web application environments are susceptible to HTTP splitting.


System compromise: Provides unauthorized access, bypassing security.

Recommended Actions

The signature can be enabled to block this traffic.