Dify Authorization Bypass Vulnerability Allowing Cross-User File Access

Vulnerability

An authorization bypass vulnerability exists in Dify versions prior to 1.14.0 that allows an authenticated user to access files uploaded by other users in the same tenant. The user inserts another user's file UUID into the files array of a chat-messages request; the chat-messages endpoint does not adequately check that the caller is permitted to use that file. This bypasses both workspace separation and signed URL protection, and the file's contents can then be exposed through workflow processing.

Impact

Exploitation of this vulnerability allows for unauthorized access to files uploaded by other users within the same tenant, bypassing established permission checks and workspace separations. This could lead to exposure of sensitive information contained in those files.

Reproduction

To reproduce this vulnerability, first upload a file using the Dify console or web application. After uploading, copy the UUID of the file from the response. Then, log in as a different user within the same tenant and send a message through the chat-messages endpoint, including the copied UUID in the files array. The message can be crafted to request a repetition of the file's contents, thereby accessing the unauthorized file data.

Remediation

Update to Dify version 1.14.0 or later, where this vulnerability has been addressed.
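The gap described above is a missing ownership check on file references carried in a request body. The following Python is an added illustration of that check, not Dify's own code: it models an in-memory file store (constructed sample data), shows the weak pattern where any UUID present in the store is accepted, and beside it the hardened form that also requires the file to belong to the caller's tenant and to have been uploaded by the caller. The record layout, the `upload_file_id` key, and the `FILE_STORE`, `ALICE` and `BOB` values are assumptions made for the example.

```python
"""Ownership check for file references in a chat request.

Hypothetical illustration of the authorization gap in the advisory: the
request's ``files`` array carries file UUIDs, and the server must verify
that each UUID belongs to the requesting user before the file is handed to
workflow processing. Names, record layout and the in-memory store are
constructed for this example; this is not Dify's code.
"""
from dataclasses import dataclass
from uuid import UUID


@dataclass(frozen=True)
class StoredFile:
    file_id: str        # UUID string, as returned by an upload endpoint
    tenant_id: str      # workspace the file lives in
    uploaded_by: str    # user who uploaded it


@dataclass(frozen=True)
class Principal:
    user_id: str
    tenant_id: str


class FileAccessError(ValueError):
    """Raised for a malformed, unknown or foreign file reference.

    One exception type on purpose: the caller cannot distinguish "no such
    file" from "not your file", so a probe cannot confirm a UUID exists.
    """


# Constructed sample store: two users in tenant "t-1", one user in "t-2".
FILE_STORE = {
    "11111111-1111-4111-8111-111111111111": StoredFile(
        "11111111-1111-4111-8111-111111111111", "t-1", "alice"),
    "22222222-2222-4222-8222-222222222222": StoredFile(
        "22222222-2222-4222-8222-222222222222", "t-1", "bob"),
    "33333333-3333-4333-8333-333333333333": StoredFile(
        "33333333-3333-4333-8333-333333333333", "t-2", "carol"),
}

ALICE = Principal("alice", "t-1")
BOB = Principal("bob", "t-1")


def resolve_files_unchecked(files, store=FILE_STORE):
    """Weak pattern: any syntactically valid UUID that exists in the store is
    accepted, regardless of who uploaded it. This is the shape of the gap
    the advisory describes (illustrative, not Dify's actual code)."""
    resolved = []
    for ref in files:
        file_id = str(UUID(str(ref["upload_file_id"])))
        rec = store.get(file_id)
        if rec is None:
            raise FileAccessError("file reference rejected")
        resolved.append(rec)
    return resolved


def resolve_files_checked(principal, files, store=FILE_STORE):
    """Hardened form: a reference is usable only if the file exists, sits in
    the caller's tenant, and was uploaded by the caller.

    A tenant check alone would not close the advisory's case, because the
    two users share a tenant; the uploader check is the one that matters.
    The whole request is rejected if any single reference fails."""
    resolved = []
    for ref in files:
        try:
            file_id = str(UUID(str(ref.get("upload_file_id", ""))))
        except ValueError:
            raise FileAccessError("file reference rejected") from None
        rec = store.get(file_id)
        if (rec is None
                or rec.tenant_id != principal.tenant_id
                or rec.uploaded_by != principal.user_id):
            # Same message for all three cases: do not reveal which failed.
            raise FileAccessError("file reference rejected")
        resolved.append(rec)
    return resolved


def request_allowed(principal, file_ids, store=FILE_STORE):
    """Boolean form of the hardened policy for a whole request; convenient
    for unit tests and for an audit log line on denial."""
    refs = [{"upload_file_id": fid} for fid in file_ids]
    try:
        resolve_files_checked(principal, refs, store)
    except FileAccessError:
        return False
    return True
```

The check runs before any file is passed to workflow processing, so a request that mixes the caller's own file with someone else's is refused outright rather than partially served. Signed download URLs remain useful, but they protect a different path; the reference-by-UUID path needs its own ownership check, which is the point the advisory makes.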

Added: May 5, 2026, 9:19 PM
Updated: May 5, 2026, 9:19 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 1.3
exploitability: 4.2
remediation: 7.7
relevance: 7.5
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.