Vulnerability	Vulnerable Version
H Improper Authentication botframework-connector is a Bot Connector is autorest generated connector client. Affected versions of this package are vulnerable to Improper Authentication. A maliciously crafted claim may be incorrectly authenticated by the bot. Impacts bots that are not configured to be used as a Skill. This vulnerability requires an attacker to have internal knowledge of the bot. How to fix Improper Authentication? Upgrade `botframework-connector` to version 4.10.3, 4.9.4, 4.8.1, 4.7.3 or higher.	>=4.10.0 <4.10.3>=4.9.0 <4.9.4>=4.8.0 <4.8.1>=4.7.0 <4.7.3

Improper Authentication

botframework-connector is a Bot Connector is autorest generated connector client.

Affected versions of this package are vulnerable to Improper Authentication. A maliciously crafted claim may be incorrectly authenticated by the bot. Impacts bots that are not configured to be used as a Skill. This vulnerability requires an attacker to have internal knowledge of the bot.

How to fix Improper Authentication?

Upgrade botframework-connector to version 4.10.3, 4.9.4, 4.8.1, 4.7.3 or higher.

>=4.10.0 <4.10.3>=4.9.0 <4.9.4>=4.8.0 <4.8.1>=4.7.0 <4.7.3

Go back to all versions of this package