Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-accessible with no auth required per description and PR:N in source vector; scope unchanged, no confidentiality or availability impact; low integrity write only.
Primary rating from Vendor (cisa-cg).
CVSS VectorVendor: cisa-cg
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
Deloitte AI Assist for Customer accepted unauthenticated POST requests through public-facing API endpoints that allowed a remote attacker to make limited additions to the configuration. These additions were not used by the system. On 2026-03-25, AI Assist for Customer restricted network access and enforced authentication for the previously exposed endpoints.
AnalysisAI
Deloitte AI Assist for Customer exposed public-facing REST API endpoints that accepted unauthenticated POST requests, enabling remote attackers to inject limited additions into the application's configuration store without credentials. The root cause is CWE-306 (Missing Authentication for Critical Function), and the CVSS 4.0 vector (PR:N/AV:N/AC:L) confirms zero-friction remote exploitation against default deployments. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | No authentication is required - the CVSS 4.0 vector confirms PR:N, meaning exploitation is fully unauthenticated. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 base score of 6.9 (Medium) reflects genuinely accessible, low-friction exploitation: the attack vector is network (AV:N), complexity is low (AC:L), and no privileges or user interaction are required (PR:N/UI:N). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An unauthenticated remote attacker identifies a publicly reachable AI Assist for Customer deployment, then sends crafted HTTP POST requests directly to the exposed configuration API endpoints - requiring no credentials, tokens, or prior access. The attacker successfully writes limited entries into the configuration store. … |
| Remediation | On 2026-03-25, Deloitte remediated this vulnerability by restricting network access to the previously exposed endpoints and enforcing authentication for all affected API paths. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Ai Assist For Customer
View allConfiguration information disclosure in Deloitte AI Assist for Customer exposed internal system details through unauthen
Unauthenticated API endpoints in Deloitte AI Assist for Customer exposed the platform's retrieval-augmented generation c
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-42975
GHSA-23xg-h5j2-8fcf