Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/03/22 12:45 p.m.9 views

CVE-2024-8057

In version 0.4.1 of danswer-ai/danswer, a vulnerability exists where a basic user can create credentials and link them to an existing connector. This issue arises because the system allows an unauthenticated attacker to sign up with a basic account and perform actions that should be restricted to...

4.3CVSS7AI score0.00386EPSS
Exploits0References1
NVD
NVD
added 2025/03/20 10:15 a.m.6 views

CVE-2024-8057

In version 0.4.1 of danswer-ai/danswer, a vulnerability exists where a basic user can create credentials and link them to an existing connector. This issue arises because the system allows an unauthenticated attacker to sign up with a basic account and perform actions that should be restricted to...

4.3CVSS0.00386EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/20 10:10 a.m.9 views

CVE-2024-8057 Improper Access Control in danswer-ai/danswer

In version 0.4.1 of danswer-ai/danswer, a vulnerability exists where a basic user can create credentials and link them to an existing connector. This issue arises because the system allows an unauthenticated attacker to sign up with a basic account and perform actions that should be restricted to...

4.3CVSS0.00386EPSS
Exploits0References1
CVE
CVE
added 2025/03/20 10:10 a.m.41 views

CVE-2024-8057

CVE-2024-8057 concerns the Danswer AI project (danswer, version 0.4.1) where a basic user can create credentials and link them to an existing connector due to insufficient access control. The issue arises because an unauthenticated user can sign up with a basic account and perform actions that sh...

4.3CVSS4.7AI score0.00386EPSS
Exploits0References1
Rows per page
Query Builder