| 제목 | NousResearch hermes-agent <= v0.12.0 Authorization Bypass Through User-Controlled Key (CWE-639) |
|---|
| 설명 | # Technical Details
An Authorization Bypass exists in the `resolve_session_by_title` method in `hermes_state.py` and `gateway/run.py` of hermes-agent.
The application fails to restrict session title lookups to the requesting user's identity or platform, enabling global unscoped database queries.
# Vulnerable Code
File: hermes_state.py
Method: resolve_session_by_title / get_session_by_title
Why: The SQL queries resolve a session using only the `title` parameter without filtering by `user_id` or `source`. The callers in the gateway and CLI do not provide these authentication parameters.
# Reproduction
1. A victim creates a session and gives it a title (e.g., `SecretProject`).
2. An attacker on any platform sends the command `/resume SecretProject`.
3. The gateway looks up the title globally, retrieves the victim's session ID, and redirects the attacker's active session to it.
4. The attacker gains full access to the victim's conversation history.
# Impact
- Full read/write access to hijacked conversation history across multi-user deployments.
- Exposure of sensitive data, secrets, credentials, and PII.
- Agent command injection, allowing the attacker to execute tools and requests in the context of the victim's session. |
|---|
| 원천 | ⚠️ https://gist.github.com/YLChen-007/7951b3dc39193fb675914cc5d8b672fa |
|---|
| 사용자 | Eric-b (UID 96354) |
|---|
| 제출 | 2026. 05. 14. AM 07:12 (30 날 ago) |
|---|
| 모더레이션 | 2026. 06. 07. AM 09:28 (24 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 369081 [NousResearch hermes-agent 까지 0.12.0 resume Endpoint hermes_state.py resolve_session_by_title 제목 권한 상승] |
|---|
| 포인트들 | 20 |
|---|