A Server-Side Request Forgery (SSRF) vulnerability exists in berriai/litellm version 1.38.10. This vulnerability allows users to specify the `api_base` parameter when making requests to `POST /chat/completions`, causing the application to send the request to the domain specified by `api_base`. This request includes the OpenAI API key. A malicious user can set the `api_base` to their own domain and intercept the OpenAI API key, leading to unauthorized access and potential misuse of the API key.
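The pattern the description refers to, as an added illustrative example that is not litellm's code: a proxy that lets the request body choose `api_base` beside one that only forwards the provider key to an allowlisted host. `DEFAULT_API_BASE`, `ALLOWED_API_HOSTS`, `UnsafeApiBase` and `build_upstream_request` are assumed names for this illustration.

```python
from urllib.parse import urlsplit, urljoin

# Assumed deployment config: the only upstream this proxy should ever talk to.
DEFAULT_API_BASE = "https://api.openai.com/v1"
ALLOWED_API_HOSTS = frozenset({"api.openai.com"})


class UnsafeApiBase(ValueError):
    """Caller-supplied api_base rejected by the allowlist check."""


def resolve_api_base_vulnerable(body: dict) -> str:
    # The CVE-2024-6587 pattern: a request field picks the upstream host, so
    # the provider key attached to the forwarded request goes wherever it points.
    return body.get("api_base") or DEFAULT_API_BASE


def resolve_api_base_hardened(body: dict) -> str:
    # Same field, but only an https URL whose host is allowlisted is honoured.
    api_base = body.get("api_base")
    if not api_base:
        return DEFAULT_API_BASE
    if not isinstance(api_base, str):
        raise UnsafeApiBase("api_base must be a string")
    parts = urlsplit(api_base)
    if parts.scheme != "https":
        raise UnsafeApiBase("api_base must use https")
    if parts.username is not None or parts.password is not None:
        raise UnsafeApiBase("userinfo in api_base is not allowed")
    try:
        port = parts.port
    except ValueError:
        raise UnsafeApiBase("invalid port in api_base") from None
    if port not in (None, 443):
        raise UnsafeApiBase("non-default port in api_base is not allowed")
    host = (parts.hostname or "").rstrip(".")
    if host not in ALLOWED_API_HOSTS:
        raise UnsafeApiBase(f"host {host!r} is not an allowed upstream")
    return api_base


def build_upstream_request(body: dict, provider_key: str, resolver) -> tuple:
    # Mirrors the forwarding step: the resolved base decides where the
    # Authorization header carrying the provider key is sent.
    base = resolver(body).rstrip("/") + "/"
    url = urljoin(base, "chat/completions")
    headers = {"Authorization": f"Bearer {provider_key}"}
    return url, headers
```

The allowlist compares the parsed hostname exactly, so look-alike hosts, non-default ports and embedded userinfo are refused rather than normalised.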
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Fri, 20 Sep 2024 15:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Litellm; Litellm litellm
CPEs | | cpe:2.3:a:litellm:litellm:1.38.10:*:*:*:*:*:*:*
Vendors & Products | | Litellm; Litellm litellm
Metrics | | cvssV3_1 {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}


Fri, 13 Sep 2024 17:30:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Berriai; Berriai litellm
CPEs | | cpe:2.3:a:berriai:litellm:*:*:*:*:*:*:*:*
Vendors & Products | | Berriai; Berriai litellm
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 13 Sep 2024 16:15:00 +0000

Type | Values Removed | Values Added
Description | | A Server-Side Request Forgery (SSRF) vulnerability exists in berriai/litellm version 1.38.10. This vulnerability allows users to specify the `api_base` parameter when making requests to `POST /chat/completions`, causing the application to send the request to the domain specified by `api_base`. This request includes the OpenAI API key. A malicious user can set the `api_base` to their own domain and intercept the OpenAI API key, leading to unauthorized access and potential misuse of the API key.
Title | | SSRF in berriai/litellm
Weaknesses | | CWE-918
References | |
Metrics | | cvssV3_0 {'score': 7.5, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}


MITRE

Status: PUBLISHED

Assigner: @huntr_ai

Published:

Updated: 2024-09-13T16:53:11.849Z

Reserved: 2024-07-08T21:33:48.001Z

Link: CVE-2024-6587

Vulnrichment

Updated: 2024-09-13T16:53:02.619Z

NVD

Status: Analyzed

Published: 2024-09-13T16:15:04.637

Modified: 2024-09-20T14:55:16.423

Link: CVE-2024-6587

Redhat

No data.

OpenCVE Enrichment

No data.