CVE-2025-57813
BaseFortify
Publication date: 2025-08-26
Last updated on: 2025-08-29
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| trap | traq | 3.25.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-532 | The product writes sensitive information to a log file. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in traQ versions prior to 3.25.0, where sensitive information such as OAuth tokens is recorded in log files when an SQL query error happens. An attacker who can intentionally trigger SQL errors, for example by placing a high load on the database, and who has permission to view the log files, can illicitly obtain these sensitive tokens from the logs. The root cause is the insertion of sensitive information into log files during error handling. [2]
How can this vulnerability impact me?
If exploited, this vulnerability can lead to unauthorized disclosure of sensitive OAuth tokens, compromising the confidentiality and integrity of user authentication. An attacker with access to the logs can steal these tokens, potentially gaining unauthorized access to user accounts or services. The vulnerability requires high privileges to exploit and has a high attack complexity, but no impact on availability. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking your traQ application version to see if it is prior to 3.25.0. Additionally, inspect your SQL error log files for the presence of sensitive information such as OAuth tokens. Commands to check the version might include running the traQ service with a version flag or checking the deployed version metadata. To search logs for OAuth tokens, you could use commands like `grep -i 'oauth' /path/to/sql_error.log` or similar log inspection commands depending on your environment. Also, review the logging configuration to see if GORM logging is set to silent mode or not. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading traQ to version 3.25.0 or later where the vulnerability is fixed. If upgrading is not possible immediately, restrict access permissions to SQL error log files to prevent unauthorized users from viewing sensitive information. Additionally, revoke all existing OAuth tokens issued before the patch to mitigate the risk of token exposure from previously logged data. Another temporary measure is to configure the GORM logger to silent mode to reduce logging of sensitive information, as shown in the patch. [1, 2]
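The two answers above describe a detection step (search existing SQL error logs for token-like values) and a mitigation step (stop the logger from writing them). The following Go program is an added example written for this page; it is not traQ's code and not the upstream patch, which switches GORM's logger to silent mode. It uses only the standard library: `FindTokenLeaks` scans log lines for values shaped like opaque OAuth tokens, and `RedactingWriter` wraps any log sink so a `log.Logger` redacts such values before they reach the file. The token shape (URL-safe characters, 32+ chars inside a SQL string literal, or 16+ chars after a `token`/`Authorization`/`Bearer` key) and the sample log lines are constructed assumptions, not traQ's real token format or real log output.

```go
package main

import (
	"bytes"
	"fmt"
	"io"
	"log"
	"os"
	"regexp"
)

// Patterns for values that look like OAuth access/refresh tokens. These are
// assumptions about token shape (opaque, URL-safe, long), not traQ's format.
var (
	// A long opaque string literal inside a SQL statement, e.g. VALUES ('<token>').
	sqlLiteral = regexp.MustCompile(`'([A-Za-z0-9_./+=~-]{32,})'`)
	// key=value / key: value forms as they appear in error messages or request logs.
	keyValue = regexp.MustCompile(`(?i)\b(access_token|refresh_token|authorization|bearer)\s*[:=]?\s*"?([A-Za-z0-9_./+=~-]{16,})`)
)

const redacted = "[REDACTED]"

// RedactTokens returns line with token-like values replaced, keeping the
// surrounding SQL and error text so the entry is still useful for debugging.
func RedactTokens(line string) string {
	line = sqlLiteral.ReplaceAllString(line, "'"+redacted+"'")
	line = keyValue.ReplaceAllStringFunc(line, func(m string) string {
		sub := keyValue.FindStringSubmatch(m)
		// Group 2 (the token) is always at the end of the match; keep the key.
		return m[:len(m)-len(sub[2])] + redacted
	})
	return line
}

// FindTokenLeaks is the detection side: it returns the indices of lines in an
// existing log that contain a token-like value and therefore need review.
func FindTokenLeaks(lines []string) []int {
	var hits []int
	for i, ln := range lines {
		if sqlLiteral.MatchString(ln) || keyValue.MatchString(ln) {
			hits = append(hits, i)
		}
	}
	return hits
}

// RedactingWriter is the mitigation side: it wraps any io.Writer (a log file,
// stderr) and redacts each write before it reaches the sink. It assumes a
// line-oriented logger such as log.Logger, which writes one entry per call.
type RedactingWriter struct{ W io.Writer }

func (r RedactingWriter) Write(p []byte) (int, error) {
	if _, err := r.W.Write([]byte(RedactTokens(string(p)))); err != nil {
		return 0, err
	}
	return len(p), nil // report the caller's bytes as consumed
}

// NewSafeLogger builds a logger whose output passes through RedactingWriter.
func NewSafeLogger(sink io.Writer) *log.Logger {
	return log.New(RedactingWriter{W: sink}, "sql-error: ", log.LstdFlags)
}

func main() {
	// Constructed sample SQL error lines; the token values are made up.
	lines := []string{
		"Error 1213: Deadlock found when trying to get lock; SQL: INSERT INTO oauth2_tokens (access_token,user_id) VALUES ('c3e8f1a9b2d74e6f8a0b1c2d3e4f5a6b7c8d9e0f1a2b3c4d', 42)",
		"Error 1146: Table 'traq.messages' doesn't exist; SQL: SELECT * FROM messages WHERE id = 'msg_1'",
		"request failed: Authorization: Bearer Zm9vYmFyYmF6cXV4MTIzNDU2Nzg5MA",
	}
	fmt.Println("lines with token-like values:", FindTokenLeaks(lines)) // [0 2]

	var buf bytes.Buffer
	safe := NewSafeLogger(&buf)
	for _, ln := range lines {
		safe.Println(ln)
	}
	os.Stdout.Write(buf.Bytes()) // tokens appear as [REDACTED]
}
```

Redaction is a defence-in-depth layer, not a replacement for the upgrade: it only catches values that match the assumed shape, whereas GORM's silent mode and the 3.25.0 fix stop the statement parameters from being logged at all. Running `FindTokenLeaks` over historical logs also tells you which entries to purge and which tokens to revoke.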