CVE-2021-39163

{"id": "CVE-2021-39163", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.1, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.6}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.1, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.6}]}, "published": "2021-08-31T16:15:07.950", "references": [{"url": "https://github.com/matrix-org/synapse/commit/cb35df940a", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/matrix-org/synapse/releases/tag/v1.41.1", "tags": ["Release Notes", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-jj53-8fmw-f2w2", "tags": ["Mitigation", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VHDEPCZ22GJFMZCWA2XZAGPOEV72POF/", "source": "security-advisories@github.com"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PXT7ID7DNBRN2TVTETU3SYQHJKEG6PXN/", "source": "security-advisories@github.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-200"}]}, {"type": "Secondary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-863"}]}], "descriptions": [{"lang": "en", "value": "Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable homeserver is in the room and untrusted users are permitted to create groups (communities). By default, only homeserver administrators can create groups. However, homeserver administrators can already access this information in the database or using the admin API. As a result, only homeservers where the configuration setting `enable_group_creation` has been set to `true` are impacted. Server administrators should upgrade to 1.41.1 or higher to patch the vulnerability. There are two potential workarounds. Server administrators can set `enable_group_creation` to `false` in their homeserver configuration (this is the default value) to prevent creation of groups by non-administrators. Administrators that are using a reverse proxy could, with partial loss of group functionality, block the endpoints `/_matrix/client/r0/groups/{group_id}/rooms` and `/_matrix/client/unstable/groups/{group_id}/rooms`."}, {"lang": "es", "value": "Matrix es un ecosistema para la Mensajer\u00eda Instant\u00e1nea federada abierta y Voz sobre IP. En versiones 1.41.0 y anteriores, unos usuarios no autorizados pueden acceder al nombre, avatar, tema y n\u00famero de miembros de una sala si conocen el ID de la misma. Esta vulnerabilidad es limitada a servidores dom\u00e9sticos en los que el servidor dom\u00e9stico vulnerable se encuentra en la sala y los usuarios no confiables pueden crear grupos (comunidades). Por defecto, s\u00f3lo los administradores de servidores dom\u00e9sticos pueden crear grupos. Sin embargo, los administradores de homeservers ya pueden acceder a esta informaci\u00f3n en la base de datos o usando la API de administraci\u00f3n. Como resultado, s\u00f3lo los servidores dom\u00e9sticos en los que el ajuste de configuraci\u00f3n \"enable_group_creation\" es ajustado en \"true\" est\u00e1n afectados. Los administradores de servidores deben actualizar a versi\u00f3n 1.41.1 o superior para parchear la vulnerabilidad. Se presenta dos posibles soluciones. Los administradores del servidor pueden ajustar \"enable_group_creation\" en 'false\" en la configuraci\u00f3n de su servidor dom\u00e9stico (este es el valor por defecto) para prevenir la creaci\u00f3n de grupos por parte de no administradores. Los administradores que est\u00e1n usando un proxy inverso podr\u00edan, con p\u00e9rdida parcial de la funcionalidad group, bloquear los endpoints \"/_matrix/client/r0/groups/{group_id}/rooms\" y \"/_matrix/client/unstable/groups/{group_id}/rooms\""}], "lastModified": "2023-11-07T03:37:34.867", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:matrix:synapse:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF9F987A-3EF9-4754-B4FF-8EF55DBAC9AC", "versionEndExcluding": "1.41.1"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}