CVE-2025-7974
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-02

Last updated on: 2025-09-04

Assigner: Zero Day Initiative

Description
rocket.chat Incorrect Authorization Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of rocket.chat. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 3000 by default. The issue results from incorrect authorization. An attacker can leverage this vulnerability to disclose information in the context of the application. Was ZDI-CAN-26517.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-02
Last Modified
2025-09-04
Generated
2026-06-16
AI Q&A
2025-09-02
EPSS Evaluated
2026-06-14
NVD
CVE-2025-7974
EUVD
EUVD-2025-26448
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
rocket.chat rocket.chat *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-7974 is an information disclosure vulnerability in rocket.chat caused by incorrect authorization in its web service, which listens on TCP port 3000 by default. This flaw allows remote attackers to disclose sensitive information within the application context without requiring authentication. Exploiting this vulnerability requires high attack complexity but does not affect the integrity or availability of the system. [1]

Impact Analysis

This vulnerability can impact you by allowing remote attackers to access sensitive information from your rocket.chat installation without needing to authenticate. Although the impact on confidentiality is considered low, unauthorized disclosure of sensitive data could lead to privacy concerns or information leakage within your organization. [1]

Detection Guidance

You can detect this vulnerability by checking if the rocket.chat web service is running and listening on TCP port 3000, which is the default port affected. A network scan command such as 'nmap -p 3000 <target-ip>' can help identify if the service is exposed. Additionally, reviewing the rocket.chat version installed can help determine if it is vulnerable, as versions prior to 7.8.0, 7.7.2, 7.6.4, 7.5.3, 7.4.4, and 7.3.6 are affected. [1]

Mitigation Strategies

The immediate mitigation step is to upgrade rocket.chat to one of the fixed versions: 7.8.0, 7.7.2, 7.6.4, 7.5.3, 7.4.4, or 7.3.6. Since the vulnerability is due to incorrect authorization in the web service, applying these updates will resolve the issue. Additionally, restricting access to TCP port 3000 from untrusted networks can reduce exposure until the update is applied. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-7974. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart