CVE-2024-5710

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-5710
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-5710.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-5710
Aliases
Published
2024-06-27T19:15:15Z
Modified
2025-02-19T03:42:25.775570Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
[none]
Details

berriai/litellm version 1.34.34 is vulnerable to improper access control in its team management functionality. This vulnerability allows attackers to perform unauthorized actions such as creating, updating, viewing, deleting, blocking, and unblocking any team, as well as adding any member to, or deleting any member from, any team. The vulnerability stems from insufficient access control checks in various team management endpoints, which lets attackers use these functions without proper authorization.

References

Affected packages

Git / github.com/berriai/litellm

Affected ranges

Type
GIT
Repo
https://github.com/berriai/litellm
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

1.*

1.16.12
1.16.13
1.16.14
1.34.2
1.34.20-stable
1.34.28.dev3

Other

latest
pr-litellm-spend-logs-db
stable
test

v.*

v.1.32.34-stable

v0.*

v0.1.387
v0.1.492
v0.1.574
v0.1.738
v0.11.1
v0.8.4

v1.*

v1.1.0
v1.10.4
v1.11.1
v1.15.0
v1.15.5
v1.16-test2
v1.16-test3
v1.16-test4
v1.16.13
v1.16.15
v1.16.16
v1.16.17
v1.16.17-test
v1.16.17-test2
v1.16.17-test3
v1.16.18
v1.16.19
v1.16.20
v1.16.20.dev1
v1.16.20.dev3
v1.16.21
v1.16.3
v1.16.6
v1.17.0
v1.17.1
v1.17.10
v1.17.12
v1.17.13
v1.17.14
v1.17.15
v1.17.16
v1.17.17
v1.17.18
v1.17.2
v1.17.3
v1.17.4
v1.17.5
v1.17.6
v1.17.7
v1.17.8
v1.17.9
v1.18.0
v1.18.1
v1.18.10
v1.18.11
v1.18.12
v1.18.13
v1.18.2
v1.18.3
v1.18.4
v1.18.5
v1.18.6
v1.18.7
v1.18.8
v1.18.9
v1.19.0
v1.19.2
v1.19.3
v1.19.4
v1.19.6
v1.20.0
v1.20.1
v1.20.2
v1.20.3
v1.20.5
v1.20.6
v1.20.7
v1.20.8
v1.20.9
v1.21.0
v1.21.1
v1.21.4
v1.21.5
v1.21.6
v1.21.7
v1.22.10
v1.22.11
v1.22.2
v1.22.3
v1.22.5
v1.22.8
v1.22.9
v1.23.0
v1.23.1
v1.23.10
v1.23.12
v1.23.14
v1.23.15
v1.23.16
v1.23.2
v1.23.3
v1.23.4
v1.23.5
v1.23.7
v1.23.8
v1.23.9
v1.24.1
v1.24.3
v1.24.5
v1.24.6
v1.25.0
v1.25.1
v1.25.2
v1.26.0
v1.26.1
v1.26.10
v1.26.11
v1.26.13
v1.26.2
v1.26.3
v1.26.4
v1.26.5
v1.26.6
v1.26.7
v1.26.8
v1.26.9
v1.27.1
v1.27.10
v1.27.14
v1.27.15
v1.27.4
v1.27.6
v1.27.7
v1.27.8
v1.27.9
v1.28.0
v1.28.1
v1.28.10
v1.28.11
v1.28.13
v1.28.2
v1.28.3
v1.28.4
v1.28.6
v1.28.7
v1.28.8
v1.28.9
v1.29.1
v1.29.3
v1.29.4
v1.29.5
v1.29.7
v1.30.0
v1.30.1
v1.30.2
v1.30.3
v1.30.4
v1.30.5
v1.30.6
v1.30.7
v1.31.10
v1.31.12
v1.31.12-dev
v1.31.12-dev1
v1.31.12-dev3
v1.31.13
v1.31.14
v1.31.15
v1.31.16
v1.31.17
v1.31.2
v1.31.3
v1.31.4
v1.31.5
v1.31.6
v1.31.7
v1.31.8
v1.31.9
v1.32.1
v1.32.3
v1.32.33-stable
v1.32.33.dev1
v1.32.4
v1.32.7
v1.32.7.dev1
v1.32.7.dev3
v1.32.7.dev5
v1.32.9
v1.33.0
v1.33.1
v1.33.2
v1.33.3
v1.33.4
v1.33.7
v1.33.8
v1.33.9
v1.34.0
v1.34.1
v1.34.10
v1.34.10.dev1
v1.34.12
v1.34.13
v1.34.14
v1.34.16
v1.34.17
v1.34.18
v1.34.19
v1.34.20
v1.34.21
v1.34.21-stable
v1.34.22
v1.34.22-stable
v1.34.22.dev15-stable
v1.34.23-stable
v1.34.25
v1.34.26
v1.34.27
v1.34.28
v1.34.28.dev12
v1.34.29
v1.34.3
v1.34.33
v1.34.34
v1.34.4
v1.34.4.dev1
v1.34.4.dev2
v1.34.5
v1.34.6
v1.34.8
v1.34.8.dev1
v1.7.1
v1.7.11