LiteLLM has an authentication bypass via OIDC userinfo cache key collision

LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, when JWT authentication is enabled (enable_jwt_auth: true), the OIDC userinfo cache uses token[:20] as the cache key. JWT headers produced by the same signing algorithm generate identical first 20 characters. This configuration option is not enabled by default. Most instances are not affected. An unauthenticated attacker can craft a token whose first 20 characters match a legitimate user's cached token. On cache hit, the attacker inherits the legitimate user's identity and permissions. This affects deployments with JWT/OIDC authentication enabled. Fixed in v1.83.0.

N/A

认证机制不恰当

LiteLLM 授权问题漏洞

LiteLLM是Berri AI开源的一个应用程序。可以使用 OpenAI 格式调用所有 LLM API。 LiteLLM 1.83.0之前版本存在授权问题漏洞，该漏洞源于启用JWT身份验证时，OIDC用户信息缓存使用token[:20]作为缓存键，可能导致未经身份验证的攻击者制作前20个字符与合法用户缓存令牌匹配的令牌，从而继承其身份和权限。

N/A

N/A