4 matches found
CVE-2024-8057
In version 0.4.1 of danswer-ai/danswer, a vulnerability exists where a basic user can create credentials and link them to an existing connector. This issue arises because the system allows an unauthenticated attacker to sign up with a basic account and perform actions that should be restricted to...
CVE-2024-8057
In version 0.4.1 of danswer-ai/danswer, a vulnerability exists where a basic user can create credentials and link them to an existing connector. This issue arises because the system allows an unauthenticated attacker to sign up with a basic account and perform actions that should be restricted to...
CVE-2024-8057 Improper Access Control in danswer-ai/danswer
In version 0.4.1 of danswer-ai/danswer, a vulnerability exists where a basic user can create credentials and link them to an existing connector. This issue arises because the system allows an unauthenticated attacker to sign up with a basic account and perform actions that should be restricted to...
CVE-2024-8057
CVE-2024-8057 concerns the Danswer AI project (danswer, version 0.4.1) where a basic user can create credentials and link them to an existing connector due to insufficient access control. The issue arises because an unauthenticated user can sign up with a basic account and perform actions that sh...