CVE-2024-47172

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Sep 30, 2024

Updated: Oct 30, 2024

CWE ID 863

Summary

CVE-2024-47172 affects Computer Vision Annotation Tool (CVAT), an interactive video and image annotation tool for computer vision. An attacker with a CVAT account can retrieve sensitive information about projects, tasks, jobs, and membership resources on a vulnerable CVAT instance. The information disclosed is equivalent to data obtained through a GET request to the resource. Moreover, an attacker can manipulate the default source and target storage for any project or task. To mitigate this vulnerability, it is recommended to upgrade to CVAT version 2.19.1 or any subsequent release.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

CVAT

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/yyLM4a
https://www.cve.org/CVERecord?id=CVE-2024-47172
https://nvd.nist.gov/vuln/detail/CVE-2024-47172

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2024-47172

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations