Vulnerability Name:

CVE-2021-21274 (CCN-197493)

Assigned:2020-12-22
Published:2021-02-25
Updated:2022-10-24
Summary:Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead to a denial of service attack where homeservers will consume significantly more resources when requesting the .well-known file of a malicious homeserver. This affects any server which accepts federation requests from untrusted servers. Issue is resolved in version 1.25.0. As a workaround the `federation_domain_whitelist` setting can be used to restrict the homeservers communicated with over federation.
CVSS v3 Severity:6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
4.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
3.8 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-770
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2021-21274

Source: XF
Type: UNKNOWN
matrix-cve202121274-dos(197493)

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/matrix-org/synapse/commit/ff5c4da1289cb5e097902b3e55b771be342c29d6

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/matrix-org/synapse/pull/8950

Source: MISC
Type: Third Party Advisory
https://github.com/matrix-org/synapse/releases/tag/v1.25.0

Source: CCN
Type: Synapse GIT Repository
Denial of service attack via .well-known lookups

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/matrix-org/synapse/security/advisories/GHSA-2hwx-mjrm-v3g8

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-a627cfd31e

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2021-21274

Vulnerable Configuration:Configuration 1:
  • cpe:/a:matrix:synapse:*:*:*:*:*:*:*:* (Version >= 0.99.0 and < 1.25.0)

    • Configuration 2:
  • cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:matrix:synapse:1.24.0:-:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    matrix synapse *
    fedoraproject fedora 34
    matrix synapse 1.24.0 -