
[Bug]: Non Admin Users able to generate keys using other user's user_id (Vulnerability) #7336

Open
mirodrr2 opened this issue Dec 21, 2024 · 1 comment
Labels
bug Something isn't working

Comments

@mirodrr2

mirodrr2 commented Dec 21, 2024

What happened?

It seems like non-admin users are able to generate keys using other users' user_id.

The following works:

Request

curl -X POST "https://<DeploymentUrl>/user/new" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <Admin or Master Key>" \
  -d '{
    "user_id": "[email protected]",
    "user_email": "[email protected]",
    "user_role": "internal_user"
  }'

Response

{"key_alias":null,"duration":null,"models":[],"spend":0.0,"max_budget":1000000000.0,"user_id":"[email protected]","team_id":null,"max_parallel_requests":null,"metadata":{},"tpm_limit":null,"rpm_limit":null,"budget_duration":"1mo","allowed_cache_controls":[],"soft_budget":null,"config":{},"permissions":{},"model_max_budget":{},"send_invite_email":null,"model_rpm_limit":null,"model_tpm_limit":null,"guardrails":null,"blocked":null,"aliases":{},"key":"<New_User_Key>","key_name":null,"expires":null,"token_id":null,"user_email":"[email protected]","user_role":"internal_user","teams":null,"user_alias":null}

And now we use that key to try to create a key for a different user_id:

Request

curl -X POST "https://<DeploymentUrl>/key/generate" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <New_User_Key>" \
  -d '{
    "user_id": "[email protected]"
  }'

Response

{"key_alias":null,"duration":null,"models":[],"spend":0.0,"max_budget":null,"user_id":"[email protected]","team_id":null,"max_parallel_requests":null,"metadata":{},"tpm_limit":null,"rpm_limit":null,"budget_duration":null,"allowed_cache_controls":[],"soft_budget":null,"config":{},"permissions":{},"model_max_budget":{},"send_invite_email":null,"model_rpm_limit":null,"model_tpm_limit":null,"guardrails":null,"blocked":null,"aliases":{},"key":"<Second New Key>","key_name":"sk-...tSXg","expires":null,"token_id":"78ccab11279deabc5c7f8e0dd2d5faeae69a8e78938fce93e044710794976918"}

Unless I'm misunderstanding something here, this seems like a major security bug.

Relevant log output

No response

Are you an ML Ops Team?

No

What LiteLLM version are you on?

v1.55.0

Twitter / LinkedIn details

No response

@mirodrr2 mirodrr2 added the bug Something isn't working label Dec 21, 2024
@mirodrr2 mirodrr2 changed the title [Bug]: Non Admin Users able to generate keys using other user's user_id [Bug]: Non Admin Users able to generate keys using other user's user_id (Vulnerability) Dec 21, 2024
@mirodrr2
Author

mirodrr2 commented Dec 21, 2024

I am now pretty convinced this is a bug, because there is a check to make sure a non-admin user cannot delete another user's API keys, but there is no similar check to make sure a user cannot create an API key using another user's user_id.

ChatGPT gave a pretty good summary, which I verified is accurate:
https://chatgpt.com/share/67660996-edd0-8006-aff6-515de4a3cf51

Relevant code file: https://github.com/BerriAI/litellm/blob/main/litellm/proxy/management_endpoints/key_management_endpoints.py
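The ownership check the thread says is missing from /key/generate, written out as an added illustration (this is not LiteLLM's code). The role name "internal_user" comes from the issue; the admin role name, the master-key flag and the audit record fields are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# "internal_user" appears in the issue; the admin role name is an assumption.
ADMIN_ROLES = {"proxy_admin"}


@dataclass(frozen=True)
class Caller:
    user_id: str
    user_role: str
    is_master_key: bool = False  # assumed flag for the deployment master key


class KeyGenerationDenied(PermissionError):
    """Raised when a caller asks for a key bound to a user_id it may not use."""


def authorize_key_generation(caller: Caller, requested_user_id: Optional[str]) -> str:
    """Return the user_id the new key may be bound to, or raise.

    Mirrors the ownership check the issue says exists for key deletion: only an
    admin (or the master key) may bind a new key to another user's user_id.
    """
    if caller.is_master_key or caller.user_role in ADMIN_ROLES:
        return requested_user_id or caller.user_id
    if requested_user_id is None or requested_user_id == caller.user_id:
        return caller.user_id
    raise KeyGenerationDenied(
        f"{caller.user_id} ({caller.user_role}) may not generate keys for {requested_user_id}"
    )


def handle_key_generate(caller: Caller, body: dict) -> dict:
    """Simulated /key/generate handler returning an HTTP-like status and body."""
    try:
        owner = authorize_key_generation(caller, body.get("user_id"))
    except KeyGenerationDenied as exc:
        return {"status": 403, "error": str(exc)}
    # Key generation itself is out of scope; a placeholder stands in for the secret.
    return {"status": 200, "user_id": owner, "key": "<generated key>"}


def find_cross_user_keys(key_records: list) -> list:
    """Audit helper over constructed records {created_by, created_by_role, user_id}:
    keys that a non-admin caller bound to someone else's user_id."""
    return [
        r for r in key_records
        if r["created_by_role"] not in ADMIN_ROLES and r["created_by"] != r["user_id"]
    ]
```

The audit helper is the defender-side counterpart: run it over existing key records to find keys issued under this bug before the check was in place.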
