Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2026-30855 is a critical Broken Access Control vulnerability in the WeKnora application, specifically in its tenant management endpoints. It allows any authenticated user to read, modify, or delete any tenant by ID without proper authorization checks.'}, {'type': 'paragraph', 'content': "Because account registration is open to the public, even unauthenticated attackers can register an account and exploit this flaw. The tenant management handlers do not verify tenant ownership or enforce cross-tenant permission checks, enabling attackers to access or manipulate other tenants' data."}, {'type': 'paragraph', 'content': 'This means an attacker can list all tenants, read sensitive tenant data such as API keys, modify configurations of other tenants, or delete tenants entirely, leading to cross-tenant account takeover and destructive actions.'}] [1]

Useful 0 Not Useful 0

Impact Analysis

[{'type': 'paragraph', 'content': 'This vulnerability can have severe impacts including unauthorized access to sensitive data like LLM API keys and knowledge bases belonging to other tenants.'}, {'type': 'paragraph', 'content': "Attackers can modify or delete other tenants' configurations or accounts, resulting in data loss, service disruption, and potential destruction of tenant data."}, {'type': 'paragraph', 'content': "Overall, it enables full compromise of other tenants' accounts and data, posing a critical security risk to the confidentiality, integrity, and availability of the system."}] [1]

Useful 0 Not Useful 0

Compliance Impact

I don't know

Useful 0 Not Useful 0

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by testing the tenant management endpoints of the WeKnora application for improper access control. Specifically, you can attempt to use an authenticated account to access, modify, or delete tenants by ID that do not belong to the authenticated user.'}, {'type': 'paragraph', 'content': 'Commands to detect this vulnerability include sending HTTP requests to the following endpoints with an authenticated token or API key:'}, {'type': 'list_item', 'content': 'GET /api/v1/tenants - to list tenants'}, {'type': 'list_item', 'content': 'GET /api/v1/tenants/{id} - to read tenant details by ID'}, {'type': 'list_item', 'content': 'PUT /api/v1/tenants/{id} - to modify tenant details by ID'}, {'type': 'list_item', 'content': 'DELETE /api/v1/tenants/{id} - to delete tenant by ID'}, {'type': 'paragraph', 'content': "For example, using curl to test unauthorized access to another tenant's data:"}, {'type': 'list_item', 'content': 'curl -H "Authorization: Bearer <your_token>" https://your-weknora-instance/api/v1/tenants/10001'}, {'type': 'paragraph', 'content': 'If you can access or modify tenants that you do not own, the vulnerability is present.'}] [1]

Useful 0 Not Useful 0

Mitigation Strategies

The immediate and recommended mitigation is to upgrade the WeKnora application to version 0.3.2 or later, where this authorization bypass vulnerability has been fixed.

Until the upgrade can be performed, consider restricting access to the tenant management endpoints to trusted users only, or disabling public account registration to prevent unauthenticated attackers from registering accounts and exploiting the vulnerability.

Additionally, monitor tenant management API usage for suspicious activity such as unexpected tenant modifications or deletions.

Useful 0 Not Useful 0