CVE-2025-53374
BaseFortify

Publication date: 2025-07-07

Last updated on: 2025-09-29

Assigner: GitHub, Inc.

Description
Dokploy is a self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. An authenticated low-privileged account can retrieve detailed profile information about other users in the same organization by directly invoking user.one. The response discloses personally identifiable information (PII) such as e-mail address, role, two-factor status, organization ID, and various account flags. The fix will be available in v0.23.7.
Meta Information
Published: 2025-07-07
Last Modified: 2025-09-29
Generated: 2026-05-07
AI Q&A: 2025-07-07
EPSS Evaluated: 2026-05-05
Affected Vendors & Products (1 associated CPE)
Vendor: dokploy
Product: dokploy
Version / Range: all versions before 0.23.7 (0.23.7 excluded)
CWE
CWE-359: The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected.
CWE-862: The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-53374 is a vulnerability in Dokploy where an authenticated low-privileged user within an organization can retrieve detailed profile information about other users in the same organization by directly invoking the user.one endpoint. This unauthorized access exposes personally identifiable information (PII) such as email addresses, user roles, two-factor authentication status, organization IDs, and various account flags. The issue arises because there were insufficient access control checks on who can retrieve user information. The vulnerability has been fixed by adding authorization checks to ensure only the user themselves or organization owners can access such information. [1, 2]


How can this vulnerability impact me?

This vulnerability can impact you by exposing your personally identifiable information (PII) such as your email address, role, two-factor authentication status, organization ID, and account flags to other authenticated users with low privileges in the same organization. This unauthorized disclosure of sensitive information can lead to privacy violations and potentially facilitate further attacks or social engineering within the organization. [2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by attempting to access the user profile information of other users within the same organization using an authenticated low-privileged account. Specifically, sending requests to the `user.one` API endpoint to retrieve detailed profile information of other users can reveal if the system is vulnerable. There are no explicit commands provided, but a practical approach is to use an authenticated HTTP client (e.g., curl or Postman) to invoke the `user.one` endpoint with different user IDs and observe if PII such as email addresses, roles, or two-factor status is disclosed without proper authorization. [2]


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability immediately, upgrade Dokploy to version 0.23.7 or later, where the issue has been fixed. The fix introduces authorization checks that restrict access to user information only to the user themselves or organization owners. If upgrading immediately is not possible, restrict access to the `user.one` endpoint to trusted users only and monitor for unauthorized access attempts. Implementing additional access control measures at the network or application level can help reduce exposure until the patch is applied. [1, 2]
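The authorization rule the fix is described as introducing (only the user themselves or an owner of the same organization may read a user record), shown as an added TypeScript example that is not Dokploy's own code; the record shape, the `userOneUnchecked`/`userOneChecked` names and the sample ids are assumptions, and the pre-fix function stands in for the behaviour the advisory describes, not the real handler.

```typescript
// Added example, not Dokploy's code: a minimal model of the rule the fix is
// described as enforcing (a user record may be read only by that user or by an
// owner of the same organization). Names, shapes and ids are assumed.
type Role = "owner" | "member";

interface UserRecord {
  id: string;
  organizationId: string;
  email: string;            // PII the advisory says was disclosed
  role: Role;
  twoFactorEnabled: boolean;
}

class ForbiddenError extends Error {
  code = "FORBIDDEN" as const;
}

// Constructed in-memory directory standing in for the database.
const users: Record<string, UserRecord> = {
  "u-owner": { id: "u-owner", organizationId: "org-1", email: "owner@example.test", role: "owner",  twoFactorEnabled: true },
  "u-alice": { id: "u-alice", organizationId: "org-1", email: "alice@example.test", role: "member", twoFactorEnabled: false },
  "u-bob":   { id: "u-bob",   organizationId: "org-1", email: "bob@example.test",   role: "member", twoFactorEnabled: true },
  "u-eve":   { id: "u-eve",   organizationId: "org-2", email: "eve@example.test",   role: "owner",  twoFactorEnabled: true },
};

// Pre-fix shape of the lookup as the advisory describes it: the caller is
// authenticated, but nothing ties the requested id to the caller.
function userOneUnchecked(_callerId: string, userId: string): UserRecord | undefined {
  return users[userId];
}

// Post-fix shape: allow only self, or an owner of the target's organization.
// "Not found" and "not allowed" yield the same error so the endpoint does not
// confirm which ids exist.
function userOneChecked(callerId: string, userId: string): UserRecord {
  const caller = users[callerId];
  const target = users[userId];
  if (!caller || !target) throw new ForbiddenError("not found or not authorized");
  const isSelf = caller.id === target.id;
  const isOwnerOfTargetOrg =
    caller.role === "owner" && caller.organizationId === target.organizationId;
  if (!isSelf && !isOwnerOfTargetOrg) throw new ForbiddenError("not found or not authorized");
  return target;
}
```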

