CVE-2024-9606

7.5 HIGH

📋 TL;DR

This vulnerability in berriai/litellm's logging function only masks the first 5 characters of API keys, exposing nearly the entire secret key in application logs. Any system running affected versions that logs API key operations is vulnerable, potentially exposing sensitive credentials to anyone with log access.

💻 Affected Systems

Products:
  • berriai/litellm
Versions: All versions before 1.44.12; v1.44.9 is specifically affected
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability only triggers when API key operations are logged, which may depend on logging configuration.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full API key exposure leading to unauthorized access to external AI services, data exfiltration, and potential account takeover with associated costs and data breaches.

🟠

Likely Case

API key leakage in logs accessible to administrators or monitoring systems, enabling credential harvesting and subsequent unauthorized API usage.

🟢

If Mitigated

Limited exposure if logs are properly secured with restricted access, encryption, and regular rotation of exposed credentials.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires access to application logs where API keys are recorded, typically through compromised systems or insufficient log security.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.44.12

Vendor Advisory: https://github.com/berriai/litellm/commit/9094071c4782183e84f10630e2450be3db55509a

Restart Required: No

Instructions:

1. Update litellm to version 1.44.12 or later using pip: pip install --upgrade "litellm>=1.44.12" (quote the specifier so the shell does not treat >= as a redirection)
2. Verify the update completed successfully
3. Rotate any API keys that may have been exposed in logs

🔧 Temporary Workarounds

Disable API key logging
  • Applies to: all
  • Configure logging to exclude API key operations or disable detailed logging for sensitive operations
  • Configure logging settings in your application to filter out litellm_core_utils/litellm_logging.py output

Implement log filtering
  • Applies to: all
  • Add post-processing to mask API keys in existing logs before storage or viewing
  • Use log processing tools (logstash, fluentd, custom scripts) to redact API key patterns in log files

🧯 If You Can't Patch

  • Immediately rotate all API keys used by the application and monitor for unauthorized usage
  • Restrict access to application logs using strict permissions, encryption, and access controls

🔍 How to Verify

Check if Vulnerable:

Check whether the installed litellm version is below 1.44.12 and review logs for unmasked API keys (look for entries where only the first 5 characters of a key are masked)

Check Version:

python -c "import litellm; print(litellm.__version__)"

Verify Fix Applied:

After updating, test logging functionality with a test API key and verify the entire key is properly masked in logs

📡 Detection & Monitoring

Log Indicators:

  • API keys in logs with only the first 5 characters masked (e.g., 'sk-abc...' followed by unmasked characters)
  • Patterns matching API key formats in application logs

Network Indicators:

  • Unusual API usage patterns from unexpected sources
  • Increased API call volumes from new IP addresses

SIEM Query:

source="application_logs" AND "sk-" AND NOT "sk-*****"
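As an added example (not litellm's own code), the following Python shows both the "Implement log filtering" workaround and the log indicator above: a logging filter that masks every key of the assumed "sk-" shape before any handler writes it, and a scanner that flags existing log lines showing the exposure pattern (leading characters masked, remainder written out). The key regex, the logger name and the sample log lines are constructed for illustration.

```python
import io
import logging
import re

# Assumed key shape for this example: "sk-" plus 20 or more key characters.
KEY_RE = re.compile(r"sk-[A-Za-z0-9_-]{20,}")
VISIBLE_PREFIX = 5   # characters left readable, e.g. "sk-li"
MASK = "*" * 8       # fixed length, so the mask never reveals the key length
# A mask run followed by a long unmasked tail: leading characters hidden,
# remainder exposed, which is the pattern this advisory describes.
PARTIAL_MASK_RE = re.compile(r"\*{3,}[A-Za-z0-9_-]{16,}")

def redact_keys(text: str) -> str:
    """Keep the first VISIBLE_PREFIX characters of each key, mask the rest."""
    return KEY_RE.sub(lambda m: m.group(0)[:VISIBLE_PREFIX] + MASK, text)

class ApiKeyRedactor(logging.Filter):
    """Redacts keys in a record before any handler formats or writes it."""
    def filter(self, record: logging.LogRecord) -> bool:
        # Format first so keys passed as %-style args are covered as well.
        record.msg = redact_keys(record.getMessage())
        record.args = None
        return True

def find_leaks(lines):
    """Return (line_number, reason) for lines that expose key material."""
    leaks = []
    for n, line in enumerate(lines, start=1):
        if KEY_RE.search(line):
            leaks.append((n, "unmasked key"))
        elif PARTIAL_MASK_RE.search(line):
            leaks.append((n, "only leading characters masked"))
    return leaks

def demo() -> str:
    """Log a constructed key through the filter and return the emitted line."""
    stream = io.StringIO()
    handler = logging.StreamHandler(stream)
    log = logging.getLogger("litellm_demo")   # hypothetical logger name
    log.addHandler(handler)
    log.addFilter(ApiKeyRedactor())
    log.warning("authenticating with key %s", "sk-live1234567890abcdefXYZ")
    return stream.getvalue().strip()

# Constructed sample lines: fully exposed, leading characters masked, correct.
SAMPLE_LOG = [
    "INFO using key sk-live1234567890abcdefXYZ",
    "INFO using key *****e1234567890abcdefXYZ",
    "INFO using key sk-li********",
]
```

find_leaks(SAMPLE_LOG) reports the first two lines and leaves the correctly masked third line alone; the same scan can be run over archived logs to decide which keys need rotation.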
