Severity by source
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
AV:N as endpoints are network-reachable; AC:H because specific undocumented parameter knowledge is required; C:L/I:L for partial corpus read and injection; no availability impact.
Primary rating from Vendor (cisa-cg).
CVSS VectorVendor: cisa-cg
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
Deloitte AI Assist for Customer exposed unauthenticated API endpoints that allowed an attacker with knowledge of additional parameters to read from or inject content into the retrieval-augmented generation (RAG) corpus. On 2026-03-25, AI Assist for Customer restricted network access and enforced authentication for the previously exposed endpoints.
AnalysisAI
Unauthenticated API endpoints in Deloitte AI Assist for Customer exposed the platform's retrieval-augmented generation corpus to unauthorized read access and content injection by any network-reachable attacker who could discover the required request parameters. The root cause is missing authentication on critical internal API functions (CWE-306), enabling adversaries to exfiltrate proprietary knowledge base content or poison AI-generated responses with injected documents. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the attacker to know or independently enumerate the specific additional parameters required by the RAG corpus API endpoints - the CVSS AC:H rating directly reflects this non-trivial prerequisite, and it is explicitly stated in the CVE description ('attacker with knowledge of additional parameters'). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 base score of 4.8 (Medium) reflects a network-reachable (AV:N), unauthenticated (PR:N) vulnerability requiring no user interaction (UI:N), but the AC:H modifier captures the most meaningful practical barrier: an attacker must independently discover the specific undocumented parameter structure of the API endpoints, substantially limiting opportunistic or automated exploitation. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with prior knowledge of the API endpoint structure - obtained through traffic interception, documentation review, or targeted reconnaissance against a customer deployment - sends unauthenticated HTTP requests with the required parameters to the RAG corpus API over the network. Successful exploitation allows the attacker to extract indexed enterprise documents from the knowledge base or inject fabricated content that the AI model will subsequently surface as authoritative to end users querying the platform. … |
| Remediation | The vendor applied a server-side fix on 2026-03-25 by restricting network access to the previously exposed RAG corpus API endpoints and enforcing authentication on all previously unauthenticated routes. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Ai Assist For Customer
View allDeloitte AI Assist for Customer exposed public-facing REST API endpoints that accepted unauthenticated POST requests, en
Configuration information disclosure in Deloitte AI Assist for Customer exposed internal system details through unauthen
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-42976
GHSA-85qw-gwgm-xj6w