7 matches found
CVE-2024-32881
Danswer is the AI Assistant connected to company's docs, apps, and people. Danswer is vulnerable to unauthorized access to GET/SET of Slack Bot Tokens. Anyone with network access can steal slack bot tokens and set them. This implies full compromise of the customer's slack bot, leading to internal...
CVE-2024-32881
Danswer is the AI Assistant connected to company's docs, apps, and people. Danswer is vulnerable to unauthorized access to GET/SET of Slack Bot Tokens. Anyone with network access can steal slack bot tokens and set them. This implies full compromise of the customer's slack bot, leading to internal...
CVE-2024-32881
CVE-2024-32881 affects Danswer (AI Assistant). The vulnerability allows unauthorized GET/SET access to Slack Bot Tokens, enabling token theft and full compromise of the customer’s Slack bot and internal Slack access. The issue is tied to Danswer versions prior to 3.63. Remediation from the connec...
CVE-2024-32881 Unauthorized access to GET/SET of Slack Bot Tokens in Danswer
Danswer is the AI Assistant connected to company's docs, apps, and people. Danswer is vulnerable to unauthorized access to GET/SET of Slack Bot Tokens. Anyone with network access can steal slack bot tokens and set them. This implies full compromise of the customer's slack bot, leading to internal...
CVE-2024-32881 Unauthorized access to GET/SET of Slack Bot Tokens in Danswer
Danswer is the AI Assistant connected to company's docs, apps, and people. Danswer is vulnerable to unauthorized access to GET/SET of Slack Bot Tokens. Anyone with network access can steal slack bot tokens and set them. This implies full compromise of the customer's slack bot, leading to internal...
PT-2024-24937 · Answer +1 · Answer +1
Name of the Vulnerable Software and Affected Versions: Danswer versions prior to 3.63 Description: Danswer, the AI Assistant connected to a company's documents, applications, and people, is vulnerable to unauthorized access to GET/SET of Slack Bot Tokens. This vulnerability allows anyone with...
Danswer 安全漏洞
Danswer is Danswer AI open source an artificial intelligence assistant that connects to company documents, applications and people. Danswer has a security vulnerability that stems from Vulnerability to GET/SET unauthorized access to Slack Bot tokens...