CVE-2026-47101
Status: Received - Intake
Privilege Escalation in LiteLLM via API Key Misconfiguration

Publication date: 2026-05-21

Last updated on: 2026-06-11

Assigner: VulnCheck

Description
LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to routes that their role does not permit. When generating a key, the allowed_routes field is stored without verifying that the specified routes fall within the user's own permissions. A key created with access to admin-only routes can then be used to reach those routes successfully, bypassing the role-based access controls that would otherwise block the request, enabling full privilege escalation from internal_user to proxy_admin.
Meta Information
Published: 2026-05-21
Last Modified: 2026-06-11
Generated: 2026-06-11
AI Q&A: 2026-05-22
EPSS Evaluated: 2026-06-10
Affected Vendors & Products
Vendor: litellm
Product: litellm
Version / Range: up to 1.83.14 (excluding)
CWE
CWE-863: The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
AI Quick Actions
Executive Summary

This vulnerability exists in LiteLLM versions prior to 1.83.14 and allows an authenticated internal user to create API keys that grant access to routes beyond their assigned permissions.

When generating an API key, the system does not verify whether the specified allowed routes fall within the user's own role permissions.

As a result, a user can create a key with access to admin-only routes and use it to bypass role-based access controls, effectively escalating their privileges from an internal user to a proxy administrator.

Impact Analysis

This vulnerability can lead to full privilege escalation, allowing an internal user to gain unauthorized administrative access.

An attacker exploiting this flaw could perform actions reserved for administrators, potentially compromising the confidentiality, integrity, and availability of the system.

This could result in unauthorized data access, modification, or deletion, as well as disruption of services.

Compliance Impact

The vulnerability in LiteLLM prior to version 1.83.14 allows an authenticated internal user to escalate privileges to full administrative control by creating API keys with unauthorized access. This privilege escalation can lead to unauthorized access to sensitive data and administrative functions.

Such unauthorized access and privilege escalation can result in violations of common compliance standards and regulations like GDPR and HIPAA, which require strict access controls and protection of sensitive data. Failure to enforce role-based access controls and prevent privilege escalation undermines data confidentiality, integrity, and accountability requirements mandated by these regulations.

Therefore, this vulnerability poses a significant risk to compliance by enabling attackers to bypass security controls and potentially access or manipulate protected data and system functions.

Detection Guidance

This vulnerability involves unauthorized creation of API keys with elevated route permissions by authenticated internal users. Detection involves monitoring API key generation requests, especially calls to the /key/generate endpoint, to identify keys created with allowed_routes that exceed the user's role permissions.

You should audit logs for API key creation events where the allowed_routes field includes admin-only routes or routes not permitted for the user's role. Additionally, monitor usage of API keys that access admin-only routes such as /user/update.

Suggested commands or approaches include:

  • Query your system or proxy logs for API key creation events and inspect the allowed_routes parameter for unauthorized routes.
  • Use network monitoring tools to detect requests to admin-only endpoints made by API keys that should not have such access.
  • If your system supports it, run queries or scripts to list all API keys and their allowed_routes, checking for any keys with permissions beyond the creator's role.
  • Example (pseudo-command): grep or filter logs for '/key/generate' requests and inspect allowed_routes fields.

Mitigation Strategies

The primary mitigation is to upgrade LiteLLM to version 1.83.14 or later, where this vulnerability has been fixed by enforcing strict validation of the allowed_routes field during API key generation.

The fix restricts setting allowed_routes to proxy administrators only, preventing internal users from creating keys with unauthorized route access.

Additional immediate steps include:

  • Review and revoke any API keys created before the patch that have elevated permissions.
  • Audit user roles and permissions to ensure no unauthorized privilege escalations have occurred.
  • Implement monitoring and alerting on key generation and usage of admin-only routes.
  • Apply any configuration or access control changes recommended in the patch notes to harden authorization checks.
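
As an added example (not LiteLLM's own code), the following Python combines the detection guidance above with the validation the fix describes: validate_allowed_routes refuses an allowed_routes value from anyone but a proxy_admin, and audit_key_events scans audit lines for keys whose allowed_routes exceed the creator's role, which is the revocation review suggested above. The role/route table, the JSON field names and the sample log lines are assumptions constructed for this example.

```python
import json

# Constructed role/route table for this example; LiteLLM's real route lists are
# larger. /user/update is the admin-only route named in the advisory.
ROLE_ROUTES = {
    "internal_user": {"/chat/completions", "/key/generate", "/key/info"},
    "proxy_admin": {"/chat/completions", "/key/generate", "/key/info", "/user/update"},
}

def validate_allowed_routes(requester_role, allowed_routes):
    """Hardened key-generation check in the spirit of the described fix: only a
    proxy_admin may set allowed_routes, and only to routes the proxy serves."""
    if not allowed_routes:
        return True  # no route restriction requested; nothing to validate
    if requester_role != "proxy_admin":
        raise PermissionError("only proxy_admin may set allowed_routes")
    unknown = set(allowed_routes) - ROLE_ROUTES["proxy_admin"]
    if unknown:
        raise ValueError(f"unknown routes: {sorted(unknown)}")
    return True

def excess_routes(role, allowed_routes):
    """Routes in allowed_routes that the creating role cannot reach itself."""
    return sorted(set(allowed_routes) - ROLE_ROUTES.get(role, set()))

def audit_key_events(log_lines):
    """Detection: flag /key/generate audit events whose allowed_routes exceed the
    creator's role; the findings feed a post-patch revocation review."""
    findings = []
    for line in log_lines:
        event = json.loads(line)
        if event.get("route") != "/key/generate":
            continue
        extra = excess_routes(event["user_role"], event.get("allowed_routes", []))
        if extra:
            findings.append({"key_alias": event["key_alias"],
                             "user_id": event["user_id"], "excess": extra})
    return findings

# Constructed sample audit lines, not real LiteLLM log output.
SAMPLE_LOG = [
    '{"route": "/key/generate", "user_id": "u-17", "user_role": "internal_user", '
    '"key_alias": "ci-bot", "allowed_routes": ["/chat/completions"]}',
    '{"route": "/key/generate", "user_id": "u-17", "user_role": "internal_user", '
    '"key_alias": "oops", "allowed_routes": ["/chat/completions", "/user/update"]}',
    '{"route": "/chat/completions", "user_id": "u-03", "user_role": "internal_user"}',
]
```

Keys reported by audit_key_events are candidates for revocation; the validator is the shape of check to keep in front of key creation even after upgrading.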