[Security Issue] VertexAiSessionService returns an invalid session when user_id is not correct. #1653

@soundTricker

Description

** Please make sure you read the contribution guide and file the issues in the right place. **
Contribution guide.

Describe the bug
VertexAiSessionService retrieves unique data by session_id, and if the session_id is the same, the same session will be retrieved even if the user_id is different.

Example:

    import asyncio
    from google.adk.sessions import VertexAiSessionService

    async def main():
        session_service = VertexAiSessionService()
        user_1_session = await session_service.create_session(app_name="test", user_id="user_1", state={"user1_secret_content": "xxxxxx"})
        user_2_session = await session_service.create_session(app_name="test", user_id="user_2", state={"user2_secret_content": "xxxxxx"})

        # Ask for user_2's session id while passing user_1 as the owner
        session = await session_service.get_session(app_name="test", user_id="user_1", session_id=user_2_session.id)

        print(session.id)       # prints user_2_session.id
        print(session.user_id)  # prints user_1
        print(session.state)    # prints {"user2_secret_content": "xxxxxx"}

    asyncio.run(main())

To Reproduce

Run the code.

Expected behavior

await session_service.get_session() should return None when the combination of SessionID and UserID is incorrect.
The Vertex AI Agent Engine session has a user_id, so I think it is easy for VertexAiSessionService to check it when fetching the session.
Currently the VertexAiSessionService implementation overrides it by passing user_id when fetching the session, like below.

    # Excerpt from VertexAiSessionService.get_session (ADK 1.4.2); the
    # surrounding method provides api_client, reasoning_engine_id,
    # _convert_api_response, isoparse (dateutil.parser) and Session.
    # Get session resource
    get_session_api_response = await api_client.async_request(
        http_method='GET',
        path=f'reasoningEngines/{reasoning_engine_id}/sessions/{session_id}',
        request_dict={},
    )
    get_session_api_response = _convert_api_response(get_session_api_response)

    # it should compare `get_session_api_response["user_id"]` against the `user_id` argument

    session_id = get_session_api_response['name'].split('/')[-1]
    update_timestamp = isoparse(
        get_session_api_response['updateTime']
    ).timestamp()
    session = Session(
        app_name=str(app_name),
        user_id=str(user_id),  # it should be `get_session_api_response["user_id"]`
        id=str(session_id),
        state=get_session_api_response.get('sessionState', {}),
        last_update_time=update_timestamp,
    )

Desktop (please complete the following information):

  • Python version (python -V): python3.12
  • ADK version (pip show google-adk): 1.4.2

Additional context
I will write a PR soon.
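The missing ownership check the report describes, shown as an added example that is not code from the issue or from the ADK project. It runs the reported lookup-by-id behaviour next to a hardened variant against a constructed in-memory stand-in for the Agent Engine session API; the stub client, the `Session` dataclass shape and the `userId` field name in the API response are assumptions.

```python
# Added example (not from the issue or the ADK project): compare the stored
# session owner with the requesting user_id before building a Session.
import asyncio
from dataclasses import dataclass, field
from datetime import datetime
from typing import Any, Optional


@dataclass
class Session:
    """Minimal stand-in for google.adk.sessions.Session (assumed shape)."""
    app_name: str
    user_id: str
    id: str
    state: dict = field(default_factory=dict)
    last_update_time: float = 0.0


# Constructed sample data: what GET sessions/{id} would return. The store is
# keyed by session id alone, so a lookup by id can only enforce ownership if
# the caller compares the stored owner with the requester.
FAKE_SESSIONS: dict[str, dict[str, Any]] = {
    "sess-u1": {
        "name": "reasoningEngines/re-1/sessions/sess-u1",
        "userId": "user_1",  # assumed field name, following the API's camelCase keys
        "updateTime": "2025-06-01T00:00:00+00:00",
        "sessionState": {"user1_secret_content": "xxxxxx"},
    },
    "sess-u2": {
        "name": "reasoningEngines/re-1/sessions/sess-u2",
        "userId": "user_2",
        "updateTime": "2025-06-01T00:00:00+00:00",
        "sessionState": {"user2_secret_content": "xxxxxx"},
    },
}


class FakeApiClient:
    """Stub with the async_request(...) call shape used in the issue's excerpt."""

    async def async_request(self, http_method: str, path: str, request_dict: dict) -> dict:
        session_id = path.rsplit("/", 1)[-1]
        if session_id not in FAKE_SESSIONS:
            raise LookupError(f"session {session_id} not found")  # stands in for HTTP 404
        return FAKE_SESSIONS[session_id]


def _to_session(app_name: str, resp: dict, user_id: str) -> Session:
    return Session(
        app_name=app_name,
        user_id=user_id,
        id=resp["name"].split("/")[-1],
        state=resp.get("sessionState", {}),
        last_update_time=datetime.fromisoformat(resp["updateTime"]).timestamp(),
    )


async def get_session_unchecked(api_client, app_name, user_id, session_id) -> Optional[Session]:
    """Behaviour the issue reports: user_id is copied from the caller, never verified."""
    try:
        resp = await api_client.async_request("GET", f"reasoningEngines/re-1/sessions/{session_id}", {})
    except LookupError:
        return None
    return _to_session(app_name, resp, user_id)


async def get_session_checked(api_client, app_name, user_id, session_id) -> Optional[Session]:
    """Hardened variant: the stored owner must equal the requesting user_id."""
    try:
        resp = await api_client.async_request("GET", f"reasoningEngines/re-1/sessions/{session_id}", {})
    except LookupError:
        return None
    owner = resp.get("userId")
    if owner is None or owner != user_id:
        # A mismatch is reported exactly like a missing session, so the caller
        # cannot tell "not yours" apart from "does not exist".
        return None
    return _to_session(app_name, resp, owner)


def fetch(checked: bool, user_id: str, session_id: str) -> Optional[Session]:
    """Synchronous helper: run one lookup against the constructed store."""
    fn = get_session_checked if checked else get_session_unchecked
    return asyncio.run(fn(FakeApiClient(), "test", user_id, session_id))


if __name__ == "__main__":
    leaked = fetch(False, "user_1", "sess-u2")
    print("unchecked:", leaked.user_id, leaked.state)   # user_1 with user_2's state
    print("checked  :", fetch(True, "user_1", "sess-u2"))  # None
    print("checked  :", fetch(True, "user_2", "sess-u2").user_id)  # user_2
```

The checked variant also takes the owner from the API response rather than from the caller, which is the second change the excerpt's inline comment asks for; returning None for both a missing session and a mismatched owner keeps the two cases indistinguishable to the caller.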

Labels

  • bot triaged: [Bot] This issue is triaged by ADK bot
  • services: [Component] This issue is related to runtime services, e.g. sessions, memory, artifacts, etc.
