CVE-2021-21392 - Vulnerability Details - OpenCVE

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL previews are affected. This could cause Synapse to make requests to internal infrastructure on dual-stack networks. See referenced GitHub security advisory for details and workarounds.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fedoraproject	Fedora
Matrix	Synapse

Configuration 1 [-]

cpe:2.3:a:matrix:synapse:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/matrix-org/synapse/pull/9240
https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/
https://pypi.org/project/matrix-synapse/

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2021-04-12T21:50:14

Updated: 2024-08-03T18:09:15.930Z

Reserved: 2020-12-22T00:00:00

Link: CVE-2021-21392

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-04-12T22:15:13.147

Modified: 2024-11-21T05:48:15.877

Link: CVE-2021-21392

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "synapse", "vendor": "matrix-org", "versions": [{"status": "affected", "version": "< 1.28.0"}]}], "descriptions": [{"lang": "en", "value": "Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL previews are affected. This could cause Synapse to make requests to internal infrastructure on dual-stack networks. See referenced GitHub security advisory for details and workarounds."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-601", "description": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-08-02T02:06:34", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://pypi.org/project/matrix-synapse/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/matrix-org/synapse/pull/9240"}, {"name": "FEDORA-2021-a627cfd31e", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"}], "source": {"advisory": "GHSA-5wrh-4jwv-5w78", "discovery": "UNKNOWN"}, "title": "Open redirect via transitional IPv6 addresses on dual-stack networks", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-21392", "STATE": "PUBLIC", "TITLE": "Open redirect via transitional IPv6 addresses on dual-stack networks"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "synapse", "version": {"version_data": [{"version_value": "< 1.28.0"}]}}]}, "vendor_name": "matrix-org"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL previews are affected. This could cause Synapse to make requests to internal infrastructure on dual-stack networks. See referenced GitHub security advisory for details and workarounds."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')"}]}]}, "references": {"reference_data": [{"name": "https://pypi.org/project/matrix-synapse/", "refsource": "MISC", "url": "https://pypi.org/project/matrix-synapse/"}, {"name": "https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78", "refsource": "CONFIRM", "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78"}, {"name": "https://github.com/matrix-org/synapse/pull/9240", "refsource": "MISC", "url": "https://github.com/matrix-org/synapse/pull/9240"}, {"name": "FEDORA-2021-a627cfd31e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"}]}, "source": {"advisory": "GHSA-5wrh-4jwv-5w78", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T18:09:15.930Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://pypi.org/project/matrix-synapse/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/matrix-org/synapse/pull/9240"}, {"name": "FEDORA-2021-a627cfd31e", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-21392", "datePublished": "2021-04-12T21:50:14", "dateReserved": "2020-12-22T00:00:00", "dateUpdated": "2024-08-03T18:09:15.930Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:matrix:synapse:*:*:*:*:*:*:*:*", "matchCriteriaId": "23F4FE7B-D273-4A8C-8B2C-102FD4E1B1EE", "versionEndExcluding": "1.28.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL previews are affected. This could cause Synapse to make requests to internal infrastructure on dual-stack networks. See referenced GitHub security advisory for details and workarounds."}, {"lang": "es", "value": "Synapse es un servidor dom\u00e9stico de referencia de Matrix escrito en python (paquete pypi matrix-synapse). Matrix es un ecosistema para VoIP y mensajer\u00eda instant\u00e1nea federada abierta. En Synapse, versiones anteriores a 1.28.0, las peticiones a los dominios proporcionados por el usuario no estaban restringidas a direcciones IP externas cuando se usaban direcciones IPv6 de transici\u00f3n. Las peticiones salientes a la federaci\u00f3n, los servidores de identidad, al calcular la validez de la clave para eventos de invitaci\u00f3n de terceros, el env\u00edo de notificaciones push y la generaci\u00f3n de vistas previas de URL est\u00e1n afectadas. Esto podr\u00eda causar que Synapse realice peticiones a la infraestructura interna en redes de doble pila. Consulte el aviso de seguridad de GitHub al que se hace referencia para obtener detalles y soluciones"}], "id": "CVE-2021-21392", "lastModified": "2024-11-21T05:48:15.877", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 4.2, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-04-12T22:15:13.147", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/matrix-org/synapse/pull/9240"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"}, {"source": "security-advisories@github.com", "tags": ["Product", "Third Party Advisory"], "url": "https://pypi.org/project/matrix-synapse/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/matrix-org/synapse/pull/9240"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product", "Third Party Advisory"], "url": "https://pypi.org/project/matrix-synapse/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-601"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-601"}], "source": "nvd@nist.gov", "type": "Primary"}]}