CVE-2025-11915 - Vulnerability Details - OpenCVE

Connection desynchronization between an HTTP proxy and the model backend. The fixes were rolled out for all proxies in front of impacted models by 2025-09-28. Users do not need to take any action.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact Low

Subsequent System Integrity Impact None

Subsequent System Availability Impact Low

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00042.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

References

Link	Providers
https://cloud.google.com/vertex-ai/generative-ai/docs/security-bulletins#gcp-2025-059

History

Wed, 22 Oct 2025 09:30:00 +0000

Type	Values Removed	Values Added
Description		Connection desynchronization between an HTTP proxy and the model backend. The fixes were rolled out for all proxies in front of impacted models by 2025-09-28. Users do not need to take any action.
Title		HTTP Desynchronisation in Vertex AI for certain third-party models
Weaknesses		CWE-444
References		https://cloud.google.com/vertex-ai/generative-ai/docs/security-bulletins#gcp-2025-059
Metrics		cvssV4_0 `{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:L/U:Clear'}`

MITRE

Status: PUBLISHED

Assigner: GoogleCloud

Published: 2025-10-22T09:13:24.601Z

Updated: 2025-10-22T13:54:26.683Z

Reserved: 2025-10-17T13:16:40.480Z

Link: CVE-2025-11915

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-10-22T10:15:31.270

Modified: 2025-10-22T10:15:31.270

Link: CVE-2025-11915

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-11915", "assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c", "state": "PUBLISHED", "assignerShortName": "GoogleCloud", "dateReserved": "2025-10-17T13:16:40.480Z", "datePublished": "2025-10-22T09:13:24.601Z", "dateUpdated": "2025-10-22T13:54:26.683Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["https://cloud.google.com/vertex-ai/generative-ai/docs/partner-models/use-partner-models"], "product": "Vertex AI: Partner Models for MaaS", "vendor": "Google Cloud", "versions": [{"lessThan": "2025-09-26", "status": "affected", "version": "0", "versionType": "date"}]}, {"defaultStatus": "unaffected", "platforms": ["https://cloud.google.com/vertex-ai/generative-ai/docs/maas/use-open-models"], "product": "Vertex AI: Open Models for MaaS", "vendor": "Google Cloud", "versions": [{"lessThan": "2025-09-28", "status": "affected", "version": "0", "versionType": "date"}]}, {"defaultStatus": "unaffected", "platforms": ["https://cloud.google.com/vertex-ai/generative-ai/docs/model-garden/self-deployed-models"], "product": "Vertex AI: Self-Deployed Models", "vendor": "Google Cloud", "versions": [{"lessThan": "2025-09-28", "status": "affected", "version": "0", "versionType": "date"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Connection desynchronization between an HTTP proxy and the model backend. The fixes were rolled out for all proxies in front of impacted models by 2025-09-28. Users do not need to take any action.</span><br>"}], "value": "Connection desynchronization between an HTTP proxy and the model backend. The fixes were rolled out for all proxies in front of impacted models by 2025-09-28. Users do not need to take any action."}], "impacts": [{"capecId": "CAPEC-33", "descriptions": [{"lang": "en", "value": "CAPEC-33 HTTP Request Smuggling"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 6.9, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "CLEAR", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:L/U:Clear", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-444", "description": "CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c", "shortName": "GoogleCloud", "dateUpdated": "2025-10-22T10:40:03.756Z"}, "references": [{"url": "https://cloud.google.com/vertex-ai/generative-ai/docs/security-bulletins#gcp-2025-059"}], "source": {"discovery": "UNKNOWN"}, "tags": ["exclusively-hosted-service"], "title": "HTTP Desynchronisation in Vertex AI for certain third-party models", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-22T13:54:15.699505Z", "id": "CVE-2025-11915", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-22T13:54:26.683Z"}}]}}

{"cveTags": [{"sourceIdentifier": "f45cbf4e-4146-4068-b7e1-655ffc2c548c", "tags": ["exclusively-hosted-service"]}], "descriptions": [{"lang": "en", "value": "Connection desynchronization between an HTTP proxy and the model backend. The fixes were rolled out for all proxies in front of impacted models by 2025-09-28. Users do not need to take any action."}], "id": "CVE-2025-11915", "lastModified": "2025-10-22T10:15:31.270", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "CLEAR", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "f45cbf4e-4146-4068-b7e1-655ffc2c548c", "type": "Secondary"}]}, "published": "2025-10-22T10:15:31.270", "references": [{"source": "f45cbf4e-4146-4068-b7e1-655ffc2c548c", "url": "https://cloud.google.com/vertex-ai/generative-ai/docs/security-bulletins#gcp-2025-059"}], "sourceIdentifier": "f45cbf4e-4146-4068-b7e1-655ffc2c548c", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-444"}], "source": "f45cbf4e-4146-4068-b7e1-655ffc2c548c", "type": "Secondary"}]}