CVE-2022-39374

Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. If Synapse and a malicious homeserver are both joined to the same room, the malicious homeserver can trick Synapse into accepting previously rejected events into its view of the current state of that room. This can be exploited in a way that causes all further messages and state changes sent in that room from the vulnerable homeserver to be rejected. This issue has been patched in version 1.68.0

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/matrix-org/synapse/pull/13723	Issue Tracking Patch
https://github.com/matrix-org/synapse/security/advisories/GHSA-p9qp-c452-f9r7	Mitigation Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJIJRP5ZH6B3KGFLHCAKR2IX2Y4Z25QD/

Configurations

Configuration 1 (hide)

cpe:2.3:a:matrix:synapse:*:*:*:*:*:*:*:*

History

18 Sep 2023, 04:15

Type	Values Removed	Values Added
References		(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJIJRP5ZH6B3KGFLHCAKR2IX2Y4Z25QD/ -

02 Jun 2023, 14:41

Type	Values Removed	Values Added
First Time		Matrix Matrix synapse
CPE		cpe:2.3:a:matrix:synapse::::::::
CWE		CWE-400
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.5
References	~~(MISC) https://github.com/matrix-org/synapse/security/advisories/GHSA-p9qp-c452-f9r7 -~~	(MISC) https://github.com/matrix-org/synapse/security/advisories/GHSA-p9qp-c452-f9r7 - Mitigation, Vendor Advisory
References	~~(MISC) https://github.com/matrix-org/synapse/pull/13723 -~~	(MISC) https://github.com/matrix-org/synapse/pull/13723 - Issue Tracking, Patch

26 May 2023, 15:56

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-05-26 14:15

Updated : 2023-12-10 15:01

NVD link : CVE-2022-39374

Mitre link : CVE-2022-39374

CVE.ORG link : CVE-2022-39374

JSON object : View

Products Affected

matrix

synapse

CWE

CWE-400

Uncontrolled Resource Consumption

{"id": "CVE-2022-39374", "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2023-05-26T14:15:10.257", "references": [{"url": "https://github.com/matrix-org/synapse/pull/13723", "tags": ["Issue Tracking", "Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-p9qp-c452-f9r7", "tags": ["Mitigation", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJIJRP5ZH6B3KGFLHCAKR2IX2Y4Z25QD/", "source": "security-advisories@github.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-400"}]}, {"type": "Secondary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. If Synapse and a malicious homeserver are both joined to the same room, the malicious homeserver can trick Synapse into accepting previously rejected events into its view of the current state of that room. This can be exploited in a way that causes all further messages and state changes sent in that room from the vulnerable homeserver to be rejected. This issue has been patched in version 1.68.0\n\n"}, {"lang": "es", "value": "Synapse es un servidor dom\u00e9stico Matrix de c\u00f3digo abierto escrito y mantenido por la Fundaci\u00f3n Matrix.org. Si Synapse y un servidor dom\u00e9stico malicioso est\u00e1n unidos a la misma habitaci\u00f3n, el servidor dom\u00e9stico malicioso puede enga\u00f1ar a Synapse para que acepte eventos previamente rechazados en su vista del estado actual de esa sala. Esto se puede explotar de una manera que haga que todos los mensajes adicionales y los cambios de estado enviados en esa habitaci\u00f3n desde el servidor dom\u00e9stico vulnerable sean rechazados. Este problema se ha corregido en la versi\u00f3n 1.68.0 "}], "lastModified": "2023-09-18T04:15:09.160", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:matrix:synapse:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E4819D4-BB7E-4494-B77D-FC6BD5848FE6", "versionEndExcluding": "1.68.0", "versionStartIncluding": "1.62.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}