CVSS2

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | MEDIUM |
Authentication | SINGLE |
Confidentiality Impact | PARTIAL |
Integrity Impact | NONE |
Availability Impact | NONE |

Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N

CVSS3

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | HIGH |
Privileges Required | LOW |
User Interaction | NONE |
Scope | UNCHANGED |
Confidentiality Impact | LOW |
Integrity Impact | NONE |
Availability Impact | NONE |

Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

Percentile: 49.7%

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable homeserver is in the room and untrusted users are permitted to create groups (communities). By default, only homeserver administrators can create groups. However, homeserver administrators can already access this information in the database or using the admin API. As a result, only homeservers where the configuration setting `enable_group_creation` has been set to `true` are impacted. Server administrators should upgrade to 1.41.1 or higher to patch the vulnerability.

There are two potential workarounds. Server administrators can set `enable_group_creation` to `false` in their homeserver configuration (this is the default value) to prevent creation of groups by non-administrators. Administrators that are using a reverse proxy could, with partial loss of group functionality, block the endpoints `/_matrix/client/r0/groups/{group_id}/rooms` and `/_matrix/client/unstable/groups/{group_id}/rooms`.

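The following audit helper is an added example, not code from the advisory or from the Synapse project. It checks the two conditions from the description that can be verified offline (version below 1.41.1 and `enable_group_creation` set to true) and matches the two endpoints named in the reverse-proxy workaround. The function names and the sample configuration are assumptions, and whether the homeserver is in a given room is not checked.

```python
import re

FIXED = (1, 41, 1)  # first patched release named in the advisory

# The two client endpoints the advisory suggests blocking at a reverse proxy.
BLOCKED = re.compile(r"^/_matrix/client/(?:r0|unstable)/groups/[^/]+/rooms/?$")


def parse_version(text):
    """Return (major, minor, patch) from strings such as '1.41.0' or 'v1.41.1'."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(part) for part in m.groups())


def group_creation_enabled(config_text):
    """Read the top-level enable_group_creation key; absent means the default, false."""
    enabled = False
    for line in config_text.splitlines():
        # re.match anchors at column 0, so commented or nested keys are ignored.
        m = re.match(r"enable_group_creation\s*:\s*([^#\s]+)", line)
        if m:  # a later duplicate key overrides an earlier one
            # Quoted or YAML 1.1 style truthy spellings are flagged conservatively.
            enabled = m.group(1).strip("'\"").lower() in ("true", "yes", "on")
    return enabled


def is_impacted(version, config_text):
    """Advisory conditions that can be checked offline: old version AND setting true."""
    return parse_version(version) < FIXED and group_creation_enabled(config_text)


def proxy_should_block(request_path):
    """True if a reverse proxy applying the second workaround should reject the path."""
    return BLOCKED.match(request_path.split("?", 1)[0]) is not None


if __name__ == "__main__":
    # Constructed sample config, not taken from a real deployment.
    sample = "server_name: example.org\nenable_group_creation: true  # opened up\n"
    print(is_impacted("1.41.0", sample))
    print(is_impacted("1.41.1", sample))
    print(proxy_should_block("/_matrix/client/r0/groups/+g:example.org/rooms"))
```
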
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | matrix-synapse | < any | UNKNOWN |
ubuntu | 20.04 | noarch | matrix-synapse | < any | UNKNOWN |
ubuntu | 22.04 | noarch | matrix-synapse | < any | UNKNOWN |
github.com/matrix-org/synapse/commit/cb35df940a
github.com/matrix-org/synapse/commit/cb35df940a828bc40b96daed997b5ad4c7842fd3 (v1.41.1)
github.com/matrix-org/synapse/releases/tag/v1.41.1
github.com/matrix-org/synapse/security/advisories/GHSA-jj53-8fmw-f2w2
launchpad.net/bugs/cve/CVE-2021-39163
nvd.nist.gov/vuln/detail/CVE-2021-39163
security-tracker.debian.org/tracker/CVE-2021-39163
www.cve.org/CVERecord?id=CVE-2021-39163