📄 الوصف (الإنجليزية)
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. If AnythingLLM prior to version 1.10.0 is configured to use Qdrant as the vector database with an API key, this QdrantApiKey could be exposed in plain text to unauthenticated users via the `/api/setup-complete` endpoint. Leakage of QdrantApiKey allows an unauthenticated attacker full read/write access to the Qdrant vector database instance used by AnythingLLM. Since Qdrant often stores the core knowledge base for RAG in AnythingLLM, this can lead to complete compromise of the semantic search / retrieval functionality and indirect leakage of confidential uploaded documents. Version 1.10.0 patches the issue.
🤖 ملخص AI
AnythingLLM versions prior to 1.10.0 expose Qdrant API keys in plain text via an unauthenticated endpoint, allowing attackers to gain full read/write access to vector databases containing sensitive organizational knowledge and documents. This vulnerability is particularly critical for Saudi organizations using AnythingLLM for document processing and AI-powered search, as it enables complete compromise of confidential data stored in vector databases. With exploits already available and affecting multiple sectors, immediate patching is essential.
📄 الوصف (العربية)
🤖 التحليل الذكي آخر تحليل: May 4, 2026 14:17
🇸🇦 التأثير على المملكة العربية السعودية
This vulnerability poses significant risk to Saudi financial institutions (SAMA-regulated banks) using AnythingLLM for document analysis and compliance research, government agencies (NCA oversight) processing classified information through AI systems, healthcare organizations (MOH) storing patient data and medical documents, energy sector (ARAMCO, SEC) managing technical documentation, and telecommunications providers (STC, Mobily) using AI for customer service. The exposure of vector database contents could lead to unauthorized access to proprietary research, financial models, customer data, and strategic documents. Organizations in regulated sectors face compliance violations under NCA ECC 2024 and SAMA CSF requirements.
🏢 القطاعات السعودية المتأثرة
Banking and Financial Services
Government and Public Administration
Healthcare
Energy and Utilities
Telecommunications
Insurance
Legal Services
Education
🎯 تقنيات MITRE ATT&CK
T1526 - Exposure of Sensitive Information
T1589 - Gather Victim Identity Information
T1590 - Gather Victim Network Information
T1592 - Gather Victim Host Information
T1110 - Brute Force
T1555 - Credentials from Password Stores
T1187 - Forced Authentication
T1040 - Network Sniffing
T1213 - Data from Information Repositories
T1530 - Data from Cloud Storage
⚖️ درجة المخاطر السعودية (AI)
8.2
/ 10.0
🔧 Remediation Steps (English)
IMMEDIATE ACTIONS:
1. Upgrade AnythingLLM to version 1.10.0 or later immediately
2. Rotate all Qdrant API keys used with AnythingLLM instances
3. Audit Qdrant access logs for unauthorized access since deployment
4. Review vector database contents for unauthorized modifications or data exfiltration
PATCHING GUIDANCE:
1. Test version 1.10.0 in non-production environment first
2. Schedule maintenance window for production upgrades
3. Backup Qdrant database before patching
4. Verify API key is no longer exposed after upgrade via curl -s http://localhost:3001/api/setup-complete | grep -i qdrant
COMPENSATING CONTROLS (if immediate patching not possible):
1. Implement network-level access controls restricting /api/setup-complete endpoint to authenticated users only
2. Deploy WAF rules blocking unauthenticated access to setup endpoints
3. Rotate Qdrant API keys immediately and implement key rotation policy
4. Monitor Qdrant access logs for suspicious activity
5. Isolate AnythingLLM instances on separate network segments
DETECTION RULES:
1. Monitor for GET/POST requests to /api/setup-complete from unauthenticated sources
2. Alert on Qdrant API key exposure in HTTP responses
3. Track unusual Qdrant database access patterns or bulk data retrieval
4. Monitor for API key usage from unexpected IP addresses or geographic locations
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:
1. ترقية AnythingLLM إلى الإصدار 1.10.0 أو أحدث فوراً
2. تدوير جميع مفاتيح واجهة برمجة تطبيقات Qdrant المستخدمة مع حالات AnythingLLM
3. تدقيق سجلات وصول Qdrant للكشف عن الوصول غير المصرح به منذ النشر
4. مراجعة محتويات قاعدة البيانات المتجهة للتعديلات غير المصرح بها أو تسرب البيانات
إرشادات التصحيح:
1. اختبار الإصدار 1.10.0 في بيئة غير الإنتاج أولاً
2. جدولة نافذة صيانة لترقيات الإنتاج
3. نسخ احتياطي من قاعدة بيانات Qdrant قبل التصحيح
4. التحقق من عدم تعريض مفتاح API بعد الترقية عبر curl -s http://localhost:3001/api/setup-complete | grep -i qdrant
الضوابط البديلة (إذا لم يكن التصحيح الفوري ممكناً):
1. تنفيذ ضوابط الوصول على مستوى الشبكة لتقييد نقطة النهاية /api/setup-complete للمستخدمين المصرح لهم فقط
2. نشر قواعد جدار الحماية لحجب الوصول غير المصرح به إلى نقاط نهاية الإعداد
3. تدوير مفاتيح واجهة برمجة تطبيقات Qdrant فوراً وتنفيذ سياسة تدوير المفاتيح
4. مراقبة سجلات وصول Qdrant للنشاط المريب
5. عزل حالات AnythingLLM على أجزاء شبكة منفصلة
قواعد الكشف:
1. مراقبة طلبات GET/POST إلى /api/setup-complete من مصادر غير مصرح بها
2. تنبيه عند تعريض مفتاح واجهة برمجة تطبيقات Qdrant في استجابات HTTP
3. تتبع أنماط وصول قاعدة بيانات Qdrant غير العادية أو استرجاع البيانات بكميات كبيرة
4. مراقبة استخدام مفتاح API من عناوين IP أو مواقع جغرافية غير متوقعة
📋 خريطة الامتثال التنظيمي
🟢 NCA ECC 2024
A.5.1.1 - Information security policies and procedures
A.6.1.2 - Access control and authentication
A.8.2.1 - Classification of information
A.8.2.3 - Handling of assets
A.12.2.1 - Monitoring and logging
A.12.4.1 - Event logging
A.13.1.1 - Network security perimeter
A.14.2.1 - Secure development policy
🔵 SAMA CSF
Governance - Information Security Governance
Identify - Asset Management
Identify - Access Control
Protect - Data Protection and Privacy
Protect - Cryptography
Detect - Security Monitoring and Alerting
Respond - Incident Response and Management
🟡 ISO 27001:2022
5.3 - Segregation of duties
6.2 - Information security policies
8.1 - Operational planning and control
8.2 - Supply chain relationships
8.3 - Information and communication
A.5.1.1 - Policies for information security
A.6.1.2 - Access control
A.8.2.1 - Classification of information
A.8.3.1 - Handling of assets
A.12.2.1 - Monitoring
A.12.4.1 - Event logging
A.13.1.1 - Network security
A.14.2.1 - Secure development
🟣 PCI DSS v4.0.1
Requirement 2.1 - Default security parameters
Requirement 6.2 - Security patches
Requirement 7.1 - Access control
Requirement 10.2 - Logging and monitoring
Requirement 10.3 - Log protection
📦 المنتجات المتأثرة 1 منتج
mintplexlabs:anythingllm