Impact
OpenHarness exposes its /resume and /summary HTTP gateway commands with a default setting that allows any remote sender to invoke them. By sending crafted requests, an attacker can enumerate existing session snapshots and load them by numeric ID. The snapshots may contain private prompts, credentials, tool output, and file paths. This results in disclosure of sensitive information and is identified as a CWE‑862 Access Control weakness.
Affected Systems
The vulnerability applies to the HKUDS:OpenHarness product, specifically the ohmo gateway component that processes the /resume and /summary commands. No specific version information is provided in the advisory, so all releases that have not applied the commit 92e298852c9b9c8c2266236292073623418c640a remain affected.
Risk and Exploitability
The CVSS score of 7.1 indicates a moderate severity. The EPSS score is not available, and the vulnerability is not listed in CISA’s KEV catalog. The attack is likely to be performed remotely by any host that can reach the gateway channel; no additional authentication or local access is required. Because the flaw allows arbitrary session content to be retrieved, the impact can be significant in environments where session data contains privileged information.
OpenCVE Enrichment