Filtered by vendor Deloitte Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2026-57474 1 Deloitte 1 Ai Assist For Customer 2026-07-13 5.3 Medium
Deloitte AI Assist for Customer disclosed some configuration information through public-facing API endpoints that accepted unauthenticated requests. This information could reduce an attacker’s reconnaissance effort. On 2026-03-25, AI Assist for Customer restricted network access and enforced authentication for the previously exposed endpoints.
CVE-2026-57475 1 Deloitte 1 Ai Assist For Customer 2026-07-13 5.3 Medium
Deloitte AI Assist for Customer accepted unauthenticated POST requests through public-facing API endpoints that allowed a remote attacker to make limited additions to the configuration. These additions were not used by the system. On 2026-03-25, AI Assist for Customer restricted network access and enforced authentication for the previously exposed endpoints.
CVE-2026-57476 1 Deloitte 1 Ai Assist For Customer 2026-07-13 4.8 Medium
Deloitte AI Assist for Customer exposed unauthenticated API endpoints that allowed an attacker with knowledge of additional parameters to read from or inject content into the retrieval-augmented generation (RAG) corpus. On 2026-03-25, AI Assist for Customer restricted network access and enforced authentication for the previously exposed endpoints.