CVE-2025-48381
📋 TL;DR
Any authenticated CVAT user, regardless of which resources they are actually permitted to see, can enumerate the IDs and names of every task, project, label, job, and quality report on the instance. On instances that hold many resources, the same requests can also drive enough server load to deny service to legitimate users. Affects CVAT versions 2.4.0 through 2.37.x; fixed in 2.38.0.
💻 Affected Systems
- Computer Vision Annotation Tool (CVAT)
📦 What is this software?
CVAT (Computer Vision Annotation Tool) is an open-source, web-based tool for annotating images and video to build computer-vision datasets. It is a Django / Django REST Framework backend with a React frontend, usually deployed with the project's docker-compose files or Helm chart; projects, tasks, jobs, labels, and quality reports are all exposed through the REST API under /api/.
⚠️ Risk & Real-World Impact
Worst Case
Denial of service through resource exhaustion, combined with information disclosure that could aid targeted attacks on specific tasks or projects.
Likely Case
Unauthorized enumeration of organizational data structure and resource inventory, potentially revealing sensitive project names and organizational workflows.
If Mitigated
Limited information disclosure with no service disruption if least-privilege access controls and rate limiting are in place. Note that these controls only bound the load and the blast radius; the enumeration itself still succeeds for any authenticated account until the patch is applied.
🎯 Exploit Status
Exploitation requires only a valid account on the instance; no special role is needed. The weakness is in the REST API endpoints that list resources, which return IDs and names beyond what the caller is authorized to see. No public exploit is referenced in the advisory, but the requests involved are ordinary API calls, so the bar is low.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.38.0
Vendor Advisory: https://github.com/cvat-ai/cvat/security/advisories/GHSA-7484-2gfm-852p
Restart Required: Yes
Instructions:
1. Backup your CVAT data and configuration.
2. Update to CVAT version 2.38.0 or later using your deployment method (docker-compose pull, helm upgrade, etc.).
3. Restart all CVAT services.
4. Verify the update completed successfully.
🔧 Temporary Workarounds
Implement API Rate Limiting
Add rate limiting in front of the CVAT API so that a single client cannot issue enough list requests to exhaust the server. This bounds the denial-of-service side of the issue only; the enumeration itself still works for any authenticated account until you patch.
# nginx example. The zone goes in the http {} block; the limit goes in the server {} block that proxies CVAT
# (keep your existing proxy_pass inside the location). Tune rate/burst to your traffic: the CVAT web UI
# itself issues many API calls per page, so an overly tight limit will break normal use.
limit_req_zone $binary_remote_addr zone=cvat_api:10m rate=10r/s;
location /api/ { limit_req zone=cvat_api burst=20 nodelay; }
# Keying on $binary_remote_addr means users behind one NAT or VPN egress share a bucket.
# CVAT's stock docker-compose fronts the server with Traefik rather than nginx; there, apply Traefik's
# RateLimit middleware to the same path instead.
Restrict User Permissions
Apply least privilege so that a compromised or malicious account has as little reach as possible: grant the lowest role that suffices, remove dormant accounts, and do not allow open self-registration on an Internet-facing instance. Because this bug bypasses the normal visibility checks on the enumeration endpoints, tightening roles limits who can exploit it and what else they can do, but it does not stop the enumeration itself.
# Review CVAT user roles and organization memberships
# Ensure users only have access to resources they need
🧯 If You Can't Patch
- Implement strict network segmentation to isolate CVAT instances from untrusted networks.
- Deploy Web Application Firewall (WAF) rules to detect and block enumeration patterns.
🔍 How to Verify
Check if Vulnerable:
Confirm the running version is between 2.4.0 and 2.37.x inclusive. To test behaviour directly, log in as a low-privileged account that is a member of no projects or organizations, request the list endpoints (/api/tasks, /api/projects, /api/labels, /api/jobs, /api/quality/reports), and check whether IDs or names of resources that account should not see are returned.
Check Version:
# manage.py --version prints the Django version, not CVAT's. Read CVAT's own version from the server's about endpoint (replace the host with your instance):
curl -s https://cvat.example.com/api/server/about
# or, for a docker-compose deployment with the default container name, from inside the server container:
docker exec cvat_server python -c 'import cvat; print(cvat.__version__)'
# The CVAT web interface also shows the version in its About dialog.
Verify Fix Applied:
After updating to 2.38.0+, verify that authenticated users can only access resources they're authorized to see, and that enumeration endpoints properly restrict data.
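The version check above, turned into a script that can be run against a list of instances. This is an added example, not code from the page or the CVAT project: it reads the "version" field from GET /api/server/about, compares it against the advisory's affected range (2.4.0 up to but not including 2.38.0), and handles pre-release suffixes. The Authorization header format and the sample response body are assumptions; the sample is constructed, not captured from a real host.

```python
import json
import urllib.request

# Affected range from the advisory: 2.4.0 <= version < 2.38.0.
VULNERABLE_FROM = (2, 4, 0)
FIXED_IN = (2, 38, 0)


def parse_version(text):
    """Turn '2.37.1' (or '2.38.0-rc1', '2.38.0+build') into a comparable tuple."""
    core = text.strip().split("-", 1)[0].split("+", 1)[0]
    parts = [int(p) for p in core.split(".")[:3]]
    parts += [0] * (3 - len(parts))  # pad '2.4' to (2, 4, 0)
    return tuple(parts)


def is_vulnerable(version_text):
    """True if the CVAT version lies inside the advisory's affected range."""
    return VULNERABLE_FROM <= parse_version(version_text) < FIXED_IN


def version_from_about(about_body):
    """Extract the 'version' field from a GET /api/server/about JSON body."""
    return json.loads(about_body)["version"]


def check_instance(base_url, token=None, timeout=10):
    """Fetch /api/server/about from a live instance and classify it.

    `token` is an assumption: a CVAT API token sent as 'Authorization: Token ...',
    only needed if the instance does not serve /api/server/about anonymously.
    Returns (version_string, vulnerable_bool).
    """
    req = urllib.request.Request(base_url.rstrip("/") + "/api/server/about")
    if token:
        req.add_header("Authorization", "Token " + token)
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        version = version_from_about(resp.read().decode())
    return version, is_vulnerable(version)


# Constructed sample of an /api/server/about response body; not from a real host.
SAMPLE_ABOUT = '{"name": "Computer Vision Annotation Tool", "version": "2.37.0"}'

if __name__ == "__main__":
    v = version_from_about(SAMPLE_ABOUT)
    print(v, "VULNERABLE" if is_vulnerable(v) else "patched")
    # Against a live instance: print(check_instance("https://cvat.example.com"))
```

Run it with a real base URL in `check_instance` once per instance; a result of `(version, True)` means the host is inside the affected range and still needs the 2.38.0 upgrade.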
📡 Detection & Monitoring
Log Indicators:
- Many API calls in a short window to the list endpoints from a single user or source IP
- Unusual patterns of /api/tasks, /api/projects, /api/jobs, /api/labels, and /api/quality/reports requests, especially from accounts that own or belong to few resources
Network Indicators:
- High volume of GET requests to CVAT API endpoints
- Pattern of sequential ID enumeration in API requests
SIEM Query:
source="cvat_logs" AND (uri_path="/api/tasks*" OR uri_path="/api/projects*" OR uri_path="/api/jobs*" OR uri_path="/api/labels*" OR uri_path="/api/quality/reports*") | stats count by src_ip, user | where count > threshold
(Replace threshold with a value above your normal per-user request rate; the CVAT UI itself generates bursts of list calls, so baseline it before alerting.)
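The two indicators above (request volume per actor and sequential ID walking) implemented as detection logic over proxy access-log lines. This is an added example, not code from the page or the CVAT project. It assumes a combined-style access log whose third field carries the authenticated username (an assumption; with stock nginx or Traefik logging that field is usually "-", in which case grouping falls back to source IP alone). The sample log lines are constructed, not captured from a real deployment.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Endpoints named in the advisory's detection guidance.
LIST_ENDPOINTS = ("/api/tasks", "/api/projects", "/api/jobs",
                  "/api/labels", "/api/quality/reports")

# Combined-style access log; third field assumed to hold the authenticated user.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)
# Numeric ID directly after one of the list endpoints, e.g. /api/tasks/123
ID_RE = re.compile(r'^/api/(?:tasks|projects|jobs|labels|quality/reports)/(\d+)')


def parse_line(line):
    """Return a dict with ip, user, ts (aware datetime), method, path, status; None if unparseable."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return rec


def is_enum_endpoint(path):
    """True for the list endpoints and their per-ID children, ignoring the query string."""
    base = path.split("?", 1)[0]
    return any(base == e or base.startswith(e + "/") for e in LIST_ENDPOINTS)


def longest_sequential_run(ids):
    """Length of the longest run of consecutive integers (step +1) in the order seen."""
    best = run = 1 if ids else 0
    for prev, cur in zip(ids, ids[1:]):
        run = run + 1 if cur == prev + 1 else 1
        best = max(best, run)
    return best


def find_enumeration(lines, window=timedelta(seconds=60),
                     rate_threshold=20, run_threshold=5):
    """Flag (ip, user) actors whose GETs to list endpoints exceed rate_threshold in any
    `window`, or whose requested IDs form a consecutive run of at least run_threshold."""
    per_actor = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec and rec["method"] == "GET" and is_enum_endpoint(rec["path"]):
            per_actor[(rec["ip"], rec["user"])].append(rec)

    findings = []
    for (ip, user), recs in per_actor.items():
        recs.sort(key=lambda r: r["ts"])
        peak, start = 0, 0                       # sliding-window peak request count
        for end in range(len(recs)):
            while recs[end]["ts"] - recs[start]["ts"] > window:
                start += 1
            peak = max(peak, end - start + 1)
        ids = [int(m.group(1)) for r in recs if (m := ID_RE.match(r["path"]))]
        run = longest_sequential_run(ids)
        if peak >= rate_threshold or run >= run_threshold:
            findings.append({"ip": ip, "user": user,
                             "peak_per_window": peak, "longest_id_run": run})
    return findings


# Constructed sample: "mallory" walks task IDs 100..107 in eight seconds, then pulls a
# large project page; "alice" shows ordinary UI traffic. Not real CVAT logs.
SAMPLE_LOG = [
    f'10.0.0.5 - mallory [12/Jun/2025:10:00:{s:02d} +0000] "GET /api/tasks/{i} HTTP/1.1" 200 512'
    for s, i in enumerate(range(100, 108))
] + [
    '10.0.0.5 - mallory [12/Jun/2025:10:00:09 +0000] "GET /api/projects?page_size=500 HTTP/1.1" 200 9001',
    '192.168.1.20 - alice [12/Jun/2025:10:00:03 +0000] "GET /api/tasks?page=1 HTTP/1.1" 200 1024',
    '192.168.1.20 - alice [12/Jun/2025:10:05:00 +0000] "GET /api/jobs/42 HTTP/1.1" 200 700',
    '192.168.1.20 - alice [12/Jun/2025:10:05:01 +0000] "POST /api/jobs/42/annotations HTTP/1.1" 200 12',
]

if __name__ == "__main__":
    for f in find_enumeration(SAMPLE_LOG):
        print(f)
```

With the defaults, mallory is flagged on the sequential-ID rule (a run of 8 consecutive task IDs) even though her 9 requests in one minute stay under the rate threshold; alice is not flagged. The rate threshold is deliberately the weaker signal, since a single page load in the CVAT UI can legitimately fan out into several list calls, so baseline it per deployment before alerting on it.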