GHSA-7xq5-54jp-2mfg

Source
https://github.com/advisories/GHSA-7xq5-54jp-2mfg
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/04/GHSA-7xq5-54jp-2mfg/GHSA-7xq5-54jp-2mfg.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-7xq5-54jp-2mfg
Aliases
  • CVE-2025-32377
Published
2025-04-17T18:33:20Z
Modified
2025-04-23T14:48:58.660723Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Summary
Rasa Pro Missing Authentication For Voice Connector APIs
Details

Vulnerability

A vulnerability has been identified in Rasa Pro where its voice connectors do not properly implement authentication even when a token is configured in the credentials.yml file. This could allow an attacker to submit voice data to the Rasa Pro assistant from an unauthenticated source.

This impacts the following connectors:

  • audiocodes_stream
  • genesys
  • jambonz

As part of our investigation to resolve this issue, we have also performed a security review of our other voice channel connectors:

  • browser_audio: Does not support authentication. This is a development channel not intended for production use.
  • twilio_media_streams, twilio_voice and jambonz: Authentication is currently not supported by these channels, but our investigation has found a way for us to enable it for these voice channel connectors in a future Rasa Pro release.

Fix

The issue has been resolved for audiocodes, audiocodes_stream, and genesys connectors. Fixed versions of Rasa Pro have been released for 3.9.20, 3.10.19, 3.11.7 and 3.12.6. Please update to a fixed release.

If you are using one of the affected connectors, we strongly recommend upgrading to a fixed version. For connectors where authentication is not supported (e.g., Twilio), we suggest taking extra caution and considering other compensating controls if applicable.
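As an added example (not Rasa's code and not part of the OSV record), the following Python checks an installed rasa-pro version string against the four affected ranges published in this record, treating pre- and dev-releases of a fixed version as still affected, which is how the version lists on this page classify them. The parser covers only the version forms that appear in those lists.

```python
import re

# Affected ranges from this record's OSV entries (introduced <= version < fixed).
# The 3.9 branch entry uses introduced "0": every earlier release is affected.
AFFECTED_RANGES = [
    ("3.12.0", "3.12.6"),
    ("3.11.0", "3.11.7"),
    ("3.10.0", "3.10.19"),
    ("0", "3.9.20"),
]

_VERSION_RE = re.compile(
    r"^(\d+)(?:\.(\d+))?(?:\.(\d+))?"   # release segment, e.g. 3.12.6
    r"(?P<pre>(?:a|b|rc)\d*)?"          # optional pre-release, e.g. a1
    r"(?:\.post(?P<post>\d+))?"         # optional post-release, e.g. .post1
    r"(?:\.dev(?P<dev>\d+))?$"          # optional dev-release, e.g. .dev2
)


def version_key(version):
    """Sortable key for rasa-pro version strings as published on PyPI.

    Pre- and dev-releases sort before the final release of the same number
    (3.12.6.dev2 < 3.12.6); post-releases sort after it (0.0.1.post1 > 0.0.1).
    Only the subset of PEP 440 seen in this record's version lists is handled.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    release = tuple(int(x or 0) for x in m.group(1, 2, 3))
    if m.group("pre") or m.group("dev"):
        rank = -1
    elif m.group("post"):
        rank = 1
    else:
        rank = 0
    return release + (rank,)


def is_affected(version):
    """True if the given rasa-pro version falls inside any published affected range."""
    key = version_key(version)
    return any(version_key(lo) <= key < version_key(hi) for lo, hi in AFFECTED_RANGES)
```

Feed it the output of `pip show rasa-pro` (the Version line) to decide whether an installation still needs the upgrade described above.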

Database specific
{
    "nvd_published_at": "2025-04-18T20:15:16Z",
    "cwe_ids": [
        "CWE-306"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2025-04-17T18:33:20Z"
}

Affected packages

PyPI / rasa-pro

Affected ranges

Type: ECOSYSTEM
Introduced: 3.12.0
Fixed: 3.12.6

Affected versions

3.*

3.12.0
3.12.1.dev1
3.12.1.dev2
3.12.1
3.12.2.dev2
3.12.2.dev3
3.12.2.dev4
3.12.2
3.12.3
3.12.4
3.12.5
3.12.6.dev1
3.12.6.dev2

Database specific

{
    "last_known_affected_version_range": "<= 3.12.5"
}

PyPI / rasa-pro

Affected ranges

Type: ECOSYSTEM
Introduced: 3.11.0
Fixed: 3.11.7

Affected versions

3.*

3.11.0
3.11.1
3.11.2
3.11.3a1.dev1
3.11.3a1.dev2
3.11.3a1.dev4
3.11.3a1.dev5
3.11.3a1.dev6
3.11.3a1.dev7
3.11.3
3.11.4
3.11.5
3.11.6

Database specific

{
    "last_known_affected_version_range": "<= 3.11.6"
}

PyPI / rasa-pro

Affected ranges

Type: ECOSYSTEM
Introduced: 3.10.0
Fixed: 3.10.19

Affected versions

3.*

3.10.3
3.10.4
3.10.5
3.10.6
3.10.7.dev1
3.10.7.dev2
3.10.7.dev3
3.10.7.dev4
3.10.7.dev5
3.10.7
3.10.8
3.10.9.dev1
3.10.9
3.10.10
3.10.11
3.10.12
3.10.13a1
3.10.13
3.10.14
3.10.15
3.10.16
3.10.17
3.10.18

Database specific

{
    "last_known_affected_version_range": "<= 3.10.18"
}

PyPI / rasa-pro

Affected ranges

Type: ECOSYSTEM
Introduced: 0 (unknown introduced version; all previous versions are affected)
Fixed: 3.9.20

Affected versions

0.*

0.0.1
0.0.1.post1

3.*

3.8.16
3.8.17
3.8.18
3.9.14
3.9.15
3.9.16
3.9.17
3.9.18
3.9.19

Database specific

{
    "last_known_affected_version_range": "<= 3.9.17"
}