FKIE_CVE-2025-57813

Vulnerability from fkie_nvd - Published: 2025-08-26 16:15 - Updated: 2026-06-17 09:43
Summary
traQ is a messenger application built for Digital Creators Club traP. Prior to version 3.25.0, sensitive information such as OAuth tokens was written to log files whenever an error occurred during execution of an SQL query. An attacker could deliberately trigger such an error, for example by placing a high load on the database; an attacker who already has permission to read the log files could then extract the recorded tokens. This is fixed in version 3.25.0. If upgrading is not possible, a temporary workaround is to review the access permissions on the SQL error logs and restrict them so that unauthorized users cannot read them.
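The logging pattern the summary describes, shown as an added example in Go (the language traQ is written in). This is illustration code written for this page, not traQ's code and not the change in the referenced commit; the stand-in database function, the table name in the query, the token value and the Secret type are all assumptions. The vulnerable path formats every bound argument into the error line, the hardened path logs only the query text (which holds placeholders) and the argument count, and a Stringer/Valuer wrapper shows a defence-in-depth measure that keeps a token out of fmt-based logs even when someone logs the arguments:

```go
package main

import (
	"database/sql/driver"
	"errors"
	"fmt"
	"strings"
)

// queryFunc stands in for a database call so the example runs offline.
// It is part of this added example, not traQ's code.
type queryFunc func(query string, args ...any) error

// errOverloaded is a constructed error standing in for a query that failed
// under load, the trigger the advisory describes.
var errOverloaded = errors.New("driver: too many connections")

// failingDB always fails, so the error-logging path is exercised.
func failingDB(query string, args ...any) error { return errOverloaded }

// Secret marks a bound parameter as sensitive (hypothetical type).
// Formatting it with %v or %s prints a placeholder, while the SQL driver
// still receives the real value through driver.Valuer.
type Secret string

// String satisfies fmt.Stringer, so fmt-based loggers never print the value.
func (Secret) String() string { return "[REDACTED]" }

// Value satisfies driver.Valuer, so database/sql passes the real string on.
func (s Secret) Value() (driver.Value, error) { return string(s), nil }

// execVulnerable shows the CWE-532 pattern: on failure the query and every
// bound argument are formatted into the log line, so a token bound as a
// plain string is written to the log verbatim. The log line is returned so
// it can be inspected.
func execVulnerable(q queryFunc, query string, args ...any) (string, error) {
	if err := q(query, args...); err != nil {
		return fmt.Sprintf("sql error: %v query=%q args=%v", err, query, args), err
	}
	return "", nil
}

// execHardened logs the error, the query text (placeholders only) and the
// number of bound arguments; the argument values are never formatted.
func execHardened(q queryFunc, query string, args ...any) (string, error) {
	if err := q(query, args...); err != nil {
		return fmt.Sprintf("sql error: %v query=%q nargs=%d", err, query, len(args)), err
	}
	return "", nil
}

// leaks reports whether a log line contains the given secret: the check a
// reviewer runs against each error-logging path.
func leaks(logLine, secret string) bool { return strings.Contains(logLine, secret) }

func main() {
	const token = "gho_constructedExampleToken123" // constructed, not a real token
	const q = "SELECT user_id FROM oauth_tokens WHERE access_token = ?" // hypothetical table

	line, _ := execVulnerable(failingDB, q, token)
	fmt.Println(line, "leaks:", leaks(line, token)) // true: token is in the log

	line, _ = execHardened(failingDB, q, token)
	fmt.Println(line, "leaks:", leaks(line, token)) // false

	// Defence in depth: even the vulnerable logger cannot print a Secret.
	line, _ = execVulnerable(failingDB, q, Secret(token))
	fmt.Println(line, "leaks:", leaks(line, token)) // false
}
```

Note that fixing the logger does not clean up logs already written: any token that reached an error log before the fix should be treated as exposed and revoked, and the log files themselves kept to the same access restriction the workaround describes.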
Impacted products
Vendor       Product   Version
traPtitech   traQ      < 3.25.0

{
  "affected": [
    {
      "affectedData": [
        {
          "product": "traQ",
          "vendor": "traPtitech",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.25.0"
            }
          ]
        }
      ],
      "source": "security-advisories@github.com"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "traQ is a messenger application built for Digital Creators Club traP. Prior to version 3.25.0, a vulnerability exists where sensitive information, such as OAuth tokens, are recorded in log files when an error occurs during the execution of an SQL query. An attacker could intentionally trigger an SQL error by methods such as placing a high load on the database. This could allow an attacker who has the authority to view the log files to illicitly acquire the recorded sensitive information. This vulnerability has been patched in version 3.25.0. If upgrading is not possible, a temporary workaround involves reviewing access permissions for SQL error logs and strictly limiting access to prevent unauthorized users from viewing them."
    },
    {
      "lang": "es",
      "value": "traQ es una aplicaci\u00f3n de mensajer\u00eda desarrollada para Digital Creators Club traP. Antes de la versi\u00f3n 3.25.0, exist\u00eda una vulnerabilidad que permit\u00eda registrar informaci\u00f3n confidencial, como tokens OAuth, en archivos de registro cuando se produc\u00eda un error durante la ejecuci\u00f3n de una consulta SQL. Un atacante podr\u00eda generar intencionalmente un error SQL mediante m\u00e9todos como sobrecargar la base de datos. Esto podr\u00eda permitir que un atacante con autorizaci\u00f3n para ver los archivos de registro adquiera il\u00edcitamente la informaci\u00f3n confidencial registrada. Esta vulnerabilidad se ha corregido en la versi\u00f3n 3.25.0. Si no es posible actualizar, una soluci\u00f3n temporal consiste en revisar los permisos de acceso a los registros de errores SQL y limitar estrictamente el acceso para evitar que usuarios no autorizados los vean."
    }
  ],
  "id": "CVE-2025-57813",
  "lastModified": "2026-06-17T09:43:29.097",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.7,
        "impactScore": 5.2,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2025-57813",
          "options": [
            {
              "exploitation": "none"
            },
            {
              "automatable": "no"
            },
            {
              "technicalImpact": "total"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2025-08-26T20:37:40.419779Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2025-08-26T16:15:38.040",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/traPtitech/traQ/commit/ce5da94f5d5a8348f9ecdc82140b6f53b3721698"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/traPtitech/traQ/pull/2787"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/traPtitech/traQ/security/advisories/GHSA-27r7-3m9x-r533"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-532"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}