CVE-2026-55611
Status: Received - Intake
Insecure File Deletion in AnythingLLM via Unauthorized FileId Enumeration

Publication date: 2026-06-24

Last updated on: 2026-06-24

Assigner: GitHub, Inc.

Description
AnythingLLM is an application that turns pieces of content into context that any LLM can use as a reference during chatting. From 1.11.1 until 1.14.1, userId/workspaceId scoping was added to the parsed-files read/delete paths. However, the POST /api/workspace/:slug/embed-parsed-file/:fileId flow still deletes the target file by primary key only, with no ownership check, inside two finally{} blocks that run even when the ownership-checked read fails. As a result, a manager or admin (in multi-user mode) can delete any other user's parsed file in any workspace, including workspaces they are not a member of, by enumerating integer fileIds. The server even returns "File not found" while still deleting the file. This vulnerability is fixed in 1.14.1.
CVSS Scores: none published at the time of this page's generation
EPSS Scores: not evaluated (probability and percentile unavailable)
Meta Information
Published: 2026-06-24
Last Modified: 2026-06-24
Generated: 2026-06-25
AI Q&A: 2026-06-24
EPSS Evaluated: N/A
External references: NVD, EUVD
Affected Vendors & Products (2 associated CPEs)
Vendor          Product        Version / Range
anythingllm     anythingllm    from 1.11.1 (inclusive) to 1.14.1 (inclusive)
mintplex_labs   anything_llm   from 1.11.1 (inclusive) to 1.14.1 (inclusive)
Exploitability
CWE
CWE-639 (Authorization Bypass Through User-Controlled Key): The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data. Here the key is the integer fileId in the URL, and the unchecked operation is the delete.
AI Quick Actions
Executive Summary

In multi-user mode, AnythingLLM's POST /api/workspace/:slug/embed-parsed-file/:fileId endpoint performs an ownership-checked read of the parsed file but then deletes it by primary key alone, inside finally blocks that run even when that read fails. Because the delete is not scoped to the requesting user or workspace, a manager or admin can delete any user's parsed file in any workspace, including workspaces they are not a member of, simply by iterating over integer fileIds.

For a file the caller is not allowed to read, the server responds "File not found" while still deleting it, so the response gives no hint that the deletion succeeded. Version 1.14.1 fixes this by changing the deletion logic to require matching userId, workspaceId and fileId, so only a correctly scoped request can remove a file.
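
The following added example models the two code shapes the summary describes: a scoped read followed by a finally block that deletes by primary key alone, beside a version whose delete is scoped to userId and workspaceId. It is illustrative code written for this page, not AnythingLLM's source; the in-memory store, the names makeStore, readScoped, deleteScoped, embedVulnerable, embedFixed and sweep, and the sample rows are all assumptions.

```javascript
// Added illustrative model of the vulnerable and fixed code shapes.
// Not AnythingLLM's code: the store, row layout and function names are assumptions.

// Constructed sample table of parsed files, keyed by integer primary key.
function makeStore() {
  return new Map([
    [1, { id: 1, userId: 10, workspaceId: 100, name: "alice-notes.txt" }],
    [2, { id: 2, userId: 20, workspaceId: 200, name: "bob-contract.pdf" }],
    [3, { id: 3, userId: 20, workspaceId: 200, name: "bob-roadmap.md" }],
  ]);
}

// Ownership-checked read: returns the row only if it matches id, owner and workspace.
function readScoped(store, fileId, userId, workspaceId) {
  const row = store.get(fileId);
  if (!row || row.userId !== userId || row.workspaceId !== workspaceId) return null;
  return row;
}

// Scoped delete: removes the row only under the same three-way match.
function deleteScoped(store, fileId, userId, workspaceId) {
  return readScoped(store, fileId, userId, workspaceId) !== null && store.delete(fileId);
}

// Vulnerable shape: the read is scoped, but the cleanup in finally deletes by
// primary key only, so it runs (and succeeds) even after "File not found".
function embedVulnerable(store, fileId, userId, workspaceId) {
  try {
    const row = readScoped(store, fileId, userId, workspaceId);
    if (!row) return { ok: false, error: "File not found" };
    return { ok: true, embedded: row.name };
  } finally {
    store.delete(fileId);
  }
}

// Fixed shape: the cleanup uses the same scoping as the read, so a caller who
// cannot read the row cannot delete it either.
function embedFixed(store, fileId, userId, workspaceId) {
  try {
    const row = readScoped(store, fileId, userId, workspaceId);
    if (!row) return { ok: false, error: "File not found" };
    return { ok: true, embedded: row.name };
  } finally {
    deleteScoped(store, fileId, userId, workspaceId);
  }
}

// Simulated enumeration: caller `userId` in `workspaceId` walks fileIds 1..maxId
// through `handler`; reports how many rows vanished and what the caller saw.
function sweep(handler, store, userId, workspaceId, maxId) {
  const before = store.size;
  const responses = [];
  for (let fileId = 1; fileId <= maxId; fileId++) {
    responses.push(handler(store, fileId, userId, workspaceId).error || "ok");
  }
  return { deleted: before - store.size, responses };
}

// The caller is user 10, a member only of workspace 100, who owns file 1.
const vulnRun = sweep(embedVulnerable, makeStore(), 10, 100, 3);
const fixedRun = sweep(embedFixed, makeStore(), 10, 100, 3);
console.log("vulnerable:", vulnRun); // deleted: 3, responses: ok, File not found, File not found
console.log("fixed:", fixedRun);     // deleted: 1, same responses
```

Note that the responses are identical in both runs: the only observable difference is the row count afterwards, which is exactly why the summary calls the "File not found" reply misleading and why detection has to rely on request patterns rather than error responses.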

Impact Analysis

An authenticated manager or admin in a multi-user deployment can delete any parsed file belonging to any user in any workspace, including workspaces they are not a member of. The result is unauthorized data loss and disruption of other users' document workflows; because the endpoint answers "File not found" either way, victims are unlikely to notice until the file is missing.

Exploitation requires a manager or admin account, so the exposure is to insiders or to attackers who have already obtained such credentials. Because the deletion bypasses ownership checks, it compromises the integrity and availability of user data within the application; the ownership-checked read still fails, so the attacker does not obtain the file's contents.

Detection Guidance

Exploitation looks like an authenticated manager or admin sweeping integer fileIds through POST /api/workspace/:slug/embed-parsed-file/:fileId, typically against a workspace the requester is not a member of.

Detection therefore focuses on request volume and pattern to this endpoint rather than on the missing check itself, which is not visible in logs: many POSTs from one account with consecutive fileIds, often answered with "File not found", and requests whose :slug names a workspace the requesting user does not belong to.

Suggested starting points are the HTTP access log of the reverse proxy or application, or network monitoring, filtered for POST requests to paths matching /api/workspace/<slug>/embed-parsed-file/<id>, joined against the role and workspace membership of the requesting user.

For example, assuming an access log that records method and path (this page does not document AnythingLLM's own log format): grep -E 'POST /api/workspace/[^/]+/embed-parsed-file/[0-9]+' /path/to/access.log

Additionally, reconcile the parsed files present in the database or on disk against expectations: files disappearing from a workspace whose members made no deletion requests indicate exploitation.
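
As an added example, not code from this page or from the AnythingLLM project, the following script implements the pattern-based detection described above: it parses constructed access-log lines for the endpoint, groups them per requesting user, and flags accounts that swept consecutive fileIds or requested workspaces they are not members of. The log format, the workspace membership table, the names parseEmbedRequests and findSuspiciousUsers, and every userId and slug in the sample are assumptions; adapt the regular expression to whatever your reverse proxy or application actually writes.

```javascript
// Added detection example; not AnythingLLM code. The log format below is
// constructed for illustration and must be adapted to the real access log.

// Constructed sample access log: timestamp, authenticated user, role, method, path.
const SAMPLE_LOG = [
  "2026-06-24T09:58:10Z user=3 role=default GET /api/workspace/eng/documents",
  "2026-06-24T09:59:02Z user=3 role=default POST /api/workspace/eng/embed-parsed-file/12",
  "2026-06-24T10:00:01Z user=7 role=manager POST /api/workspace/finance/embed-parsed-file/40",
  "2026-06-24T10:00:02Z user=7 role=manager POST /api/workspace/finance/embed-parsed-file/41",
  "2026-06-24T10:00:03Z user=7 role=manager POST /api/workspace/finance/embed-parsed-file/42",
  "2026-06-24T10:00:04Z user=7 role=manager POST /api/workspace/finance/embed-parsed-file/43",
  "2026-06-24T10:00:05Z user=7 role=manager POST /api/workspace/finance/embed-parsed-file/44",
  "2026-06-24T10:00:06Z user=7 role=manager POST /api/workspace/finance/embed-parsed-file/45",
  "2026-06-24T10:01:00Z user=9 role=admin POST /api/workspace/eng/embed-parsed-file/13",
].join("\n");

// Constructed membership table: workspace slug -> set of member userIds.
const WORKSPACE_MEMBERS = {
  eng: new Set([3, 9]),
  finance: new Set([5, 6]),
};

// Matches only POSTs to the vulnerable route and captures user, role, slug and fileId.
const EMBED_RE =
  /^(\S+) user=(\d+) role=(\w+) POST \/api\/workspace\/([^\/\s]+)\/embed-parsed-file\/(\d+)\b/;

// Pull the embed-parsed-file POSTs out of the raw log text.
function parseEmbedRequests(logText) {
  const hits = [];
  for (const line of logText.split("\n")) {
    const m = EMBED_RE.exec(line);
    if (!m) continue;
    hits.push({ ts: m[1], userId: Number(m[2]), role: m[3], slug: m[4], fileId: Number(m[5]) });
  }
  return hits;
}

// Flag per-user behaviour matching the advisory: many distinct fileIds
// (especially consecutive ones) and/or requests into workspaces the user is not in.
function findSuspiciousUsers(hits, members, { minDistinctIds = 5 } = {}) {
  const byUser = new Map();
  for (const h of hits) {
    if (!byUser.has(h.userId)) byUser.set(h.userId, []);
    byUser.get(h.userId).push(h);
  }
  const findings = [];
  for (const [userId, reqs] of byUser) {
    const ids = [...new Set(reqs.map((r) => r.fileId))].sort((a, b) => a - b);
    const consecutive = ids.length > 1 && ids.every((v, i) => i === 0 || v === ids[i - 1] + 1);
    const foreign = reqs.filter((r) => !(members[r.slug] && members[r.slug].has(r.userId)));
    const isSweep = ids.length >= minDistinctIds;
    if (!isSweep && foreign.length === 0) continue;
    findings.push({
      userId,
      role: reqs[0].role,
      distinctIds: ids.length,
      idRange: [ids[0], ids[ids.length - 1]],
      consecutive,
      foreignWorkspaceRequests: foreign.length,
      reasons: [isSweep ? "fileId sweep" : null, foreign.length ? "foreign workspace" : null].filter(Boolean),
    });
  }
  return findings;
}

const sampleFindings = findSuspiciousUsers(parseEmbedRequests(SAMPLE_LOG), WORKSPACE_MEMBERS);
console.log(JSON.stringify(sampleFindings, null, 2)); // one finding: user 7, ids 40-45, foreign workspace
```

The two signals are deliberately independent: a sweep of consecutive ids by a member of the workspace is still worth a look (legitimate embedding of many files is possible but rare), and a single request into a foreign workspace is already abnormal for this endpoint even without a sweep. The membership table is the part that needs real data; in a deployment it would come from the application's own user-to-workspace mapping.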

Mitigation Strategies

The vulnerability is fixed in AnythingLLM 1.14.1, which scopes the deletion to the matching userId, workspaceId and fileId instead of deleting by primary key alone.

The immediate step is to upgrade to 1.14.1 or later. Note that the CPE ranges on this page list 1.14.1 as affected (inclusive) while the advisory text names 1.14.1 as the fixed release; treat the advisory text as authoritative and confirm the running version after upgrading.

If upgrading is not immediately possible: the issue only applies in multi-user mode, so limit manager and admin roles to trusted users, monitor for bursts of POST requests to /api/workspace/:slug/embed-parsed-file/:fileId from a single account, and keep backups of parsed files, since the deletion happens silently behind a "File not found" response.

Compliance Impact

The vulnerability allows a manager or admin in a multi-user environment to delete any other user's parsed files across all workspaces without ownership verification. This unauthorized deletion can lead to cross-tenant data loss and disruption of document workflows.

Unauthorized deletion of user data can affect compliance with regulations such as GDPR and HIPAA, which require controls over data access, integrity and availability; a delete path with no ownership check undermines the last two.

No CVSS score is shown on this page at the time of writing, so the severity has not been formally rated here. The described impact on integrity and availability is nonetheless a compliance risk if the flaw is exploited.
