Improper Authentication

2023-08-0805:57:40

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

security vulnerability

unauthorized actions

openid

spoofed user

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0005 Low

EPSS

Percentile

18.1%

JSON

matrix-appservice-bridge is vulnerable to Improper Authentication. The vulnerability exists in postExchangeOpenId function at api.ts because it does not reject foreign users in OpenID responses which allows an attacker to perform unauthorized actions as the spoofed user.

CPENameOperatorVersion
@rocket.chat/forked-matrix-appservice-bridgeeq4.0.1
matrix-appservice-bridgeeq9.0.0
matrix-appservice-bridgele8.1.1
@rocket.chat/forked-matrix-appservice-bridgeeq4.0.1
matrix-appservice-bridgeeq9.0.0
matrix-appservice-bridgele8.1.1

Name	Operator	Version
@rocket.chat/forked-matrix-appservice-bridge	eq	4.0.1
matrix-appservice-bridge	eq	9.0.0
matrix-appservice-bridge	le	8.1.1
@rocket.chat/forked-matrix-appservice-bridge	eq	4.0.1
matrix-appservice-bridge	eq	9.0.0
matrix-appservice-bridge	le	8.1.1