GT Edge AI Platform Incorrect Access Control Vulnerability in Conversations API

Vulnerability

A vulnerability exists in the GT Edge AI Platform, specifically in the Community Edition prior to version 2.0.12. The issue arises from incorrect access control in the '/api/v1/conversations/*/messages' API, allowing unauthorized attackers to access the message history of other users with AI agents.

Impact

Exploitation of this vulnerability could lead to unauthorized access to users' message histories with AI agents, causing a breach of privacy and confidentiality.

Added: Dec 22, 2025, 7:18 PM

Updated: Dec 22, 2025, 7:18 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

1.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

1.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GT Edge AI Platform Incorrect Access Control Vulnerability in Conversations API

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating