Tencent WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Versions prior to 0.3.2 contain an authorization bypass vulnerability (CWE-284) in the tenant management endpoints. Specifically, any authenticated user can access tenant management functions—read, modify, or delete tenants—by specifying tenant IDs without proper access checks. Since WeKnora allows open public registration, an attacker can easily create an account and gain authenticated access, effectively bypassing intended tenant isolation controls. This leads to cross-tenant account takeover, unauthorized data access, modification, and deletion, severely compromising multi-tenant environments. The vulnerability affects confidentiality, integrity, and availability of tenant data and services. The CVSS 3.1 base score is 8.8 (high), reflecting network attack vector, low attack complexity, required privileges of an authenticated user (which can be obtained via open registration), no user interaction, and high impact on confidentiality, integrity, and availability. No known exploits are reported in the wild yet. Tencent released a patch in version 0.3.2 to enforce proper authorization checks on tenant management endpoints, mitigating this critical flaw.

This vulnerability allows attackers to bypass tenant isolation in WeKnora deployments, enabling unauthorized access to sensitive tenant data, modification or deletion of tenant resources, and potential service disruption. The cross-tenant takeover can lead to data breaches, loss of intellectual property, and operational downtime. Organizations relying on WeKnora for document understanding and semantic retrieval in multi-tenant environments face critical risks to confidentiality, integrity, and availability. The ease of exploitation due to open registration and lack of user interaction increases the likelihood of attacks. This can undermine trust in affected services, cause regulatory compliance violations, and result in financial and reputational damage. The impact is especially severe in environments where tenants represent distinct organizations or customers with sensitive data.

1. Immediately upgrade WeKnora to version 0.3.2 or later where the authorization bypass is patched. 2. Until upgrade is possible, restrict or disable public account registration to prevent unauthorized authenticated access. 3. Implement additional access control layers at the application or infrastructure level to enforce tenant isolation, such as API gateways or web application firewalls with tenant-aware rules. 4. Conduct thorough audits of tenant management endpoints and logs to detect suspicious cross-tenant access or modifications. 5. Employ monitoring and alerting on unusual tenant activity patterns indicative of exploitation attempts. 6. Review and harden authentication and authorization mechanisms, ensuring least privilege principles are enforced. 7. Educate development and security teams on secure multi-tenant design principles to prevent similar flaws. 8. Consider network segmentation or zero-trust models to limit lateral movement if compromise occurs.