Open WebUI
cpe:2.3:a:openwebui:open_webui:*:*:*:*:*:*:*
- <= 0.1.123
A vulnerability exists in Open WebUI, a self-hosted, offline-capable artificial intelligence platform, prior to version 0.1.124. The API fails to validate the role of the authenticated account, specifically for accounts marked 'pending'. When new sign-ups are enabled, newly registered users are assigned the 'pending' role by default and are not supposed to be able to use the application until an administrator changes their role. Because the API only checks that a request carries a valid JWT, and not that the account behind it holds the 'user' or 'admin' role, 'pending' users can make authenticated API calls as if they had the 'user' role, bypassing the intended authorization step.
Exploitation of this vulnerability allows 'pending' users to access authenticated API endpoints and the web application interface, potentially leading to unauthorized actions or data access.
To reproduce this vulnerability, register a new account while sign-ups are enabled; it receives the default 'pending' role, and the sign-up response includes a JWT for it. Send that JWT as a Bearer token in the Authorization header of authenticated API calls. The requests succeed because the API verifies the token but never checks whether the account's role is 'user' or 'admin'. A request to '/ollama/api/tags' (the model list proxied from Ollama) with the 'pending' user's token serves as a proof of concept: a 200 response with the model list confirms the bypass.
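The following is an added illustration, not Open WebUI's own code: a self-contained Python model of the two authentication gates the advisory contrasts. `get_current_user` accepts any valid JWT for an existing account and is the weak check described above; `get_verified_user` additionally rejects accounts whose role is not 'user' or 'admin'. The stdlib HS256 JWT encoding, the in-memory user table, the function names, the 403 status returned for a rejected role and the '/ollama/api/tags' handler are all constructed here for the example; the project's actual names, status codes and response bodies may differ.

```python
import base64
import hashlib
import hmac
import json
import secrets
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple

SECRET_KEY = secrets.token_bytes(32)   # stand-in for the server's JWT signing secret
ENABLE_SIGNUP = True                   # assumption: sign-ups are enabled, as in the advisory
ALLOWED_ROLES = ("user", "admin")      # roles that may use the application


@dataclass
class User:
    id: str
    email: str
    role: str                          # 'pending', 'user' or 'admin'


USERS: Dict[str, User] = {}            # constructed in-memory user table


class AuthError(Exception):
    def __init__(self, status: int, detail: str):
        super().__init__(detail)
        self.status, self.detail = status, detail


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def create_token(payload: dict) -> str:
    """Mint a compact HS256 JWT (header.payload.signature) using only the stdlib."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64url(json.dumps(payload).encode())
    sig = hmac.new(SECRET_KEY, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64url(sig)}"


def decode_token(token: str) -> Optional[dict]:
    """Return the payload if the signature verifies, otherwise None."""
    try:
        header, body, sig = token.split(".")
        expected = hmac.new(SECRET_KEY, f"{header}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(sig)):
            return None
        payload = json.loads(_b64url_decode(body))
    except ValueError:                 # wrong segment count, bad base64 or bad JSON
        return None
    return payload if isinstance(payload, dict) else None


def signup(email: str) -> str:
    """Self-registration: the account starts as 'pending' but a JWT is issued at once."""
    if not ENABLE_SIGNUP:
        raise AuthError(403, "sign-ups are disabled")
    user = User(id=f"u{len(USERS) + 1}", email=email, role="pending")
    USERS[user.id] = user
    return create_token({"id": user.id})


def approve(user_id: str, role: str = "user") -> None:
    """The administrative action that is supposed to gate access."""
    USERS[user_id].role = role


def get_current_user(authorization: str) -> User:
    """Authentication only: any valid JWT for an existing account passes, whatever
    its role. Guarding endpoints with just this check is the flaw described above."""
    scheme, _, token = authorization.partition(" ")
    payload = decode_token(token) if scheme == "Bearer" else None
    user = USERS.get(payload.get("id")) if payload else None
    if user is None:
        raise AuthError(401, "invalid token")
    return user


def get_verified_user(authorization: str) -> User:
    """Authentication plus authorization: the role must also be an allowed one."""
    user = get_current_user(authorization)
    if user.role not in ALLOWED_ROLES:
        raise AuthError(403, f"role '{user.role}' may not use the application")
    return user


def ollama_tags(authorization: str, gate: Callable[[str], User]) -> Tuple[int, dict]:
    """GET /ollama/api/tags, guarded by whichever dependency is passed in."""
    try:
        gate(authorization)
    except AuthError as err:
        return err.status, {"detail": err.detail}
    return 200, {"models": [{"name": "llama3:latest"}]}   # constructed response body


if __name__ == "__main__":
    token = signup("new-user@example.com")
    print("weak gate :", ollama_tags(f"Bearer {token}", get_current_user)[0])   # 200
    print("fixed gate:", ollama_tags(f"Bearer {token}", get_verified_user)[0])  # 403
```

Run the block directly to see the same 'pending' token accepted by the weak gate and refused by the fixed one. A valid signature establishes who the caller is, not what the caller is allowed to do, so every endpoint meant for approved accounts has to depend on the role-checking gate rather than on token validity alone; a forged or tampered token is still rejected at the authentication step in both variants.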
Users are advised to update Open WebUI to version 0.1.124 or later, where this vulnerability has been fixed.