Missing Authentication for Critical Function

Summary

Rasa Pro is a framework for building scalable, dynamic conversational AI assistants that integrate large language models (LLMs). A vulnerability was identified in Rasa Pro where voice connectors did not properly enforce authentication, even when a token was configured in the "credentials.yml" file. This could allow an attacker to submit voice data from an unauthenticated source to the Rasa Pro assistant. This issue has been patched for the "audiocodes", "audiocodes_stream", and "genesys" connectors in versions prior to 3.9.20, 3.10.x prior to 3.10.19, 3.11.x prior to 3.11.7, and 3.12.x prior to 3.12.6.dev1.