Impact
The flaw is located in BerriAI litellm’s M2M JWT Handler in the file litellm/proxy/auth/user_api_key_auth.py. It permits manipulation of an unknown function, so the system may accept a request that should otherwise be rejected. The result is that a user or client can gain access to functions or data for which they do not have permission. This flaw is classified as an authorization error, represented by the CWE identifiers for improper privilege management, improper authorization, and credential manipulation.
Affected Systems
BerriAI litellm versions up through 1.82.2 are impacted. The vulnerability exists in the litellm/proxy/auth/user_api_key_auth.py module of the M2M JWT Handler. Users running any package version up to 1.82.2 should review their installed version and, if applicable, update past 1.82.2.
Risk and Exploitability
A CVSS score of 2.3 denotes a low overall risk. The exploit code is publicly available, but the vendor notes that the attack has high complexity and is reported as difficult. The EPSS value of <1% indicates a very low probability of exploitation. The vulnerability is not listed in CISA KEV, implying no widespread exploitation has been observed. Administrators should consider the risk level proportionate to the sensitivity of the affected services.
OpenCVE Enrichment