CVE-2024-5710

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jun 27, 2024

Updated: Jul 1, 2024

CWE ID 284

Summary

CVE-2024-5710 is a newly disclosed vulnerability affecting version 1.34.34 of the berriai/litellm team management software. This issue allows unauthorized access to team management functionalities, enabling attackers to create, update, view, delete, block, and unblock teams as well as add or remove members without proper authorization. The root cause is insufficient access control checks in various team management endpoints, making these functions exploitable by attackers. This vulnerability poses a significant risk to organizations using the software, allowing potential data breaches or disruptions. It is recommended that users upgrade to the latest version of the software as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2024-5710

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations