Vulnerability-Lookup

CVE-2023-42453 (GCVE-0-2023-42453)

Vulnerability from cvelistv5 – Published: 2023-09-26 20:49 – Updated: 2025-06-18 14:11

Title

Improper validation of receipts allows forged read receipts in matrix synapse

Summary

Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event (if they knew the room ID and event ID). Note that the users were not able to view the events, but simply mark it as read. This could be confusing as clients will show the event as read by the user, even if they are not in the room. This issue has been patched in version 1.93.0. Users are advised to upgrade. There are no known workarounds for this issue.

Severity ?

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

CWE

CWE-285 - Improper Authorization

Assigner

GitHub_M

References

URL

Tags

	https://github.com/matrix-org/synapse/security/ad…	x_refsource_CONFIRM
	https://github.com/matrix-org/synapse/pull/16327	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/pac…
	https://lists.fedoraproject.org/archives/list/pac…
	https://lists.fedoraproject.org/archives/list/pac…
	https://security.gentoo.org/glsa/202401-12

Impacted products

	Vendor	Product	Version
	matrix-org	synapse	Affected: >= 0.34.0, < 1.93.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:23:38.904Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x"
          },
          {
            "name": "https://github.com/matrix-org/synapse/pull/16327",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/matrix-org/synapse/pull/16327"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65QPC55I4D27HIZP7H2NQ34EOXHPP4AO/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AFB2Y3S2VCPCN5P2XCZTG24MBMZ7DM4/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6P4QULVUE254WI7XF2LWWOGHCYVFXFY/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202401-12"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-42453",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-01-09T16:28:42.021395Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-18T14:11:32.728Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "synapse",
          "vendor": "matrix-org",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 0.34.0, \u003c 1.93.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event (if they knew the room ID and event ID). Note that the users were not able to view the events, but simply mark it as read. This could be confusing as clients will show the event as read by the user, even if they are not in the room. This issue has been patched in version 1.93.0. Users are advised to upgrade. There are no known workarounds for this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-285",
              "description": "CWE-285: Improper Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-07T11:08:12.915Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x"
        },
        {
          "name": "https://github.com/matrix-org/synapse/pull/16327",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/matrix-org/synapse/pull/16327"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65QPC55I4D27HIZP7H2NQ34EOXHPP4AO/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AFB2Y3S2VCPCN5P2XCZTG24MBMZ7DM4/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6P4QULVUE254WI7XF2LWWOGHCYVFXFY/"
        },
        {
          "url": "https://security.gentoo.org/glsa/202401-12"
        }
      ],
      "source": {
        "advisory": "GHSA-7565-cq32-vx2x",
        "discovery": "UNKNOWN"
      },
      "title": "Improper validation of receipts allows forged read receipts in matrix synapse"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-42453",
    "datePublished": "2023-09-26T20:49:23.365Z",
    "dateReserved": "2023-09-08T20:57:45.573Z",
    "dateUpdated": "2025-06-18T14:11:32.728Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x\", \"name\": \"https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/matrix-org/synapse/pull/16327\", \"name\": \"https://github.com/matrix-org/synapse/pull/16327\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65QPC55I4D27HIZP7H2NQ34EOXHPP4AO/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AFB2Y3S2VCPCN5P2XCZTG24MBMZ7DM4/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6P4QULVUE254WI7XF2LWWOGHCYVFXFY/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-12\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T19:23:38.904Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-42453\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-01-09T16:28:42.021395Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-18T14:11:28.805Z\"}}], \"cna\": {\"title\": \"Improper validation of receipts allows forged read receipts in matrix synapse\", \"source\": {\"advisory\": \"GHSA-7565-cq32-vx2x\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 3.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"matrix-org\", \"product\": \"synapse\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 0.34.0, \u003c 1.93.0\"}]}], \"references\": [{\"url\": \"https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x\", \"name\": \"https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/matrix-org/synapse/pull/16327\", \"name\": \"https://github.com/matrix-org/synapse/pull/16327\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65QPC55I4D27HIZP7H2NQ34EOXHPP4AO/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AFB2Y3S2VCPCN5P2XCZTG24MBMZ7DM4/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6P4QULVUE254WI7XF2LWWOGHCYVFXFY/\"}, {\"url\": \"https://security.gentoo.org/glsa/202401-12\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event (if they knew the room ID and event ID). Note that the users were not able to view the events, but simply mark it as read. This could be confusing as clients will show the event as read by the user, even if they are not in the room. This issue has been patched in version 1.93.0. Users are advised to upgrade. There are no known workarounds for this issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-285\", \"description\": \"CWE-285: Improper Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-01-07T11:08:12.915Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-42453\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-18T14:11:32.728Z\", \"dateReserved\": \"2023-09-08T20:57:45.573Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2023-09-26T20:49:23.365Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

PYSEC-2023-180

Vulnerability from pysec - Published: 2023-09-27 15:19 - Updated: 2023-09-29 20:23

Details

Severity ?

4.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Impacted products

Name	purl
matrix-synapse	pkg:pypi/matrix-synapse

Aliases

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "matrix-synapse",
        "purl": "pkg:pypi/matrix-synapse"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.34.0"
            },
            {
              "fixed": "1.93.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.34.0",
        "1.35.0",
        "1.35.0rc1",
        "1.35.0rc2",
        "1.35.0rc3",
        "1.35.1",
        "1.36.0",
        "1.36.0rc1",
        "1.36.0rc2",
        "1.37.0",
        "1.37.0rc1",
        "1.37.1",
        "1.37.1rc1",
        "1.38.0",
        "1.38.0rc1",
        "1.38.0rc2",
        "1.38.0rc3",
        "1.38.1",
        "1.39.0",
        "1.39.0rc1",
        "1.39.0rc2",
        "1.39.0rc3",
        "1.40.0",
        "1.40.0rc1",
        "1.40.0rc2",
        "1.40.0rc3",
        "1.41.0",
        "1.41.0rc1",
        "1.41.1",
        "1.42.0",
        "1.42.0rc1",
        "1.42.0rc2",
        "1.43.0",
        "1.43.0rc1",
        "1.43.0rc2",
        "1.44.0",
        "1.44.0rc1",
        "1.44.0rc2",
        "1.44.0rc3",
        "1.45.0",
        "1.45.0rc1",
        "1.45.0rc2",
        "1.45.1",
        "1.46.0",
        "1.46.0rc1",
        "1.47.0",
        "1.47.0rc1",
        "1.47.0rc2",
        "1.47.0rc3",
        "1.47.1",
        "1.48.0",
        "1.48.0rc1",
        "1.49.0",
        "1.49.0rc1",
        "1.49.2",
        "1.50.0",
        "1.50.0rc1",
        "1.50.0rc2",
        "1.50.1",
        "1.50.2",
        "1.51.0",
        "1.51.0rc1",
        "1.51.0rc2",
        "1.52.0",
        "1.52.0rc1",
        "1.53.0",
        "1.53.0rc1",
        "1.54.0",
        "1.54.0rc1",
        "1.55.0",
        "1.55.0rc1",
        "1.55.1",
        "1.55.2",
        "1.56.0",
        "1.56.0rc1",
        "1.57.0",
        "1.57.0rc1",
        "1.57.1",
        "1.58.0",
        "1.58.0rc2",
        "1.58.1",
        "1.59.0",
        "1.59.0rc1",
        "1.59.0rc2",
        "1.59.1",
        "1.60.0",
        "1.60.0rc1",
        "1.60.0rc2",
        "1.61.0",
        "1.61.0rc1",
        "1.61.1",
        "1.62.0",
        "1.62.0rc1",
        "1.62.0rc2",
        "1.62.0rc3",
        "1.63.0",
        "1.63.0rc1",
        "1.63.1",
        "1.64.0",
        "1.64.0rc1",
        "1.64.0rc2",
        "1.65.0",
        "1.65.0rc1",
        "1.65.0rc2",
        "1.66.0",
        "1.66.0rc1",
        "1.66.0rc2",
        "1.67.0",
        "1.67.0rc1",
        "1.68.0",
        "1.68.0rc1",
        "1.68.0rc2",
        "1.69.0",
        "1.69.0rc1",
        "1.69.0rc2",
        "1.69.0rc4",
        "1.70.0",
        "1.70.0rc1",
        "1.70.0rc2",
        "1.70.1",
        "1.71.0",
        "1.71.0rc1",
        "1.71.0rc2",
        "1.72.0",
        "1.72.0rc1",
        "1.73.0",
        "1.73.0rc2",
        "1.74.0",
        "1.74.0rc1",
        "1.75.0",
        "1.75.0rc1",
        "1.75.0rc2",
        "1.76.0",
        "1.76.0rc1",
        "1.76.0rc2",
        "1.77.0",
        "1.77.0rc1",
        "1.77.0rc2",
        "1.78.0",
        "1.78.0rc1",
        "1.79.0",
        "1.79.0rc1",
        "1.79.0rc2",
        "1.80.0",
        "1.80.0rc1",
        "1.80.0rc2",
        "1.81.0",
        "1.81.0rc1",
        "1.81.0rc2",
        "1.82.0",
        "1.82.0rc1",
        "1.83.0",
        "1.83.0rc1",
        "1.84.0",
        "1.84.0rc1",
        "1.84.1",
        "1.85.0",
        "1.85.0rc1",
        "1.85.0rc2",
        "1.85.1",
        "1.85.2",
        "1.86.0",
        "1.86.0rc2",
        "1.87.0",
        "1.87.0rc1",
        "1.88.0",
        "1.88.0rc1",
        "1.89.0",
        "1.89.0rc1",
        "1.90.0",
        "1.90.0rc1",
        "1.91.0",
        "1.91.0rc1",
        "1.91.1",
        "1.91.2",
        "1.92.0rc1",
        "1.92.1",
        "1.92.2",
        "1.92.3",
        "1.93.0rc1"
      ]
    }
  ],
  "aliases": [
    "CVE-2023-42453",
    "GHSA-7565-cq32-vx2x"
  ],
  "details": "Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event (if they knew the room ID and event ID). Note that the users were not able to view the events, but simply mark it as read. This could be confusing as clients will show the event as read by the user, even if they are not in the room. This issue has been patched in version 1.93.0. Users are advised to upgrade. There are no known workarounds for this issue.",
  "id": "PYSEC-2023-180",
  "modified": "2023-09-29T20:23:39.578838+00:00",
  "published": "2023-09-27T15:19:00+00:00",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/matrix-org/synapse/pull/16327"
    },
    {
      "type": "FIX",
      "url": "https://github.com/matrix-org/synapse/pull/16327"
    }
  ],
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2023-42453

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2023-42453

Aliases

CVE-2023-42453

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-42453",
    "id": "GSD-2023-42453"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-42453"
      ],
      "details": "Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event (if they knew the room ID and event ID). Note that the users were not able to view the events, but simply mark it as read. This could be confusing as clients will show the event as read by the user, even if they are not in the room. This issue has been patched in version 1.93.0. Users are advised to upgrade. There are no known workarounds for this issue.",
      "id": "GSD-2023-42453",
      "modified": "2023-12-13T01:20:21.846460Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2023-42453",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "synapse",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "\u003e= 0.34.0, \u003c 1.93.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "matrix-org"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event (if they knew the room ID and event ID). Note that the users were not able to view the events, but simply mark it as read. This could be confusing as clients will show the event as read by the user, even if they are not in the room. This issue has been patched in version 1.93.0. Users are advised to upgrade. There are no known workarounds for this issue."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-285",
                "lang": "eng",
                "value": "CWE-285: Improper Authorization"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x",
            "refsource": "MISC",
            "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x"
          },
          {
            "name": "https://github.com/matrix-org/synapse/pull/16327",
            "refsource": "MISC",
            "url": "https://github.com/matrix-org/synapse/pull/16327"
          },
          {
            "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65QPC55I4D27HIZP7H2NQ34EOXHPP4AO/",
            "refsource": "MISC",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65QPC55I4D27HIZP7H2NQ34EOXHPP4AO/"
          },
          {
            "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AFB2Y3S2VCPCN5P2XCZTG24MBMZ7DM4/",
            "refsource": "MISC",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AFB2Y3S2VCPCN5P2XCZTG24MBMZ7DM4/"
          },
          {
            "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6P4QULVUE254WI7XF2LWWOGHCYVFXFY/",
            "refsource": "MISC",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6P4QULVUE254WI7XF2LWWOGHCYVFXFY/"
          },
          {
            "name": "https://security.gentoo.org/glsa/202401-12",
            "refsource": "MISC",
            "url": "https://security.gentoo.org/glsa/202401-12"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-7565-cq32-vx2x",
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:matrix:synapse:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "655B00DF-6A38-4A54-8969-72F83636B4C5",
                    "versionEndExcluding": "1.93.0",
                    "versionStartIncluding": "1.34.0",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
                    "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
                    "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event (if they knew the room ID and event ID). Note that the users were not able to view the events, but simply mark it as read. This could be confusing as clients will show the event as read by the user, even if they are not in the room. This issue has been patched in version 1.93.0. Users are advised to upgrade. There are no known workarounds for this issue."
          },
          {
            "lang": "es",
            "value": "Synapse es un servidor dom\u00e9stico Matrix de c\u00f3digo abierto escrito y mantenido por la Fundaci\u00f3n Matrix.org. Los usuarios pod\u00edan falsificar recibos de lectura para cualquier evento (si conoc\u00edan el ID de la sala y el ID del evento). Tenga en cuenta que los usuarios no pudieron ver los eventos, simplemente marcarlos como le\u00eddos. Esto podr\u00eda resultar confuso ya que los clientes mostrar\u00e1n el evento tal como lo ley\u00f3 el usuario, incluso si no est\u00e1n en la sala. Este problema se solucion\u00f3 en la versi\u00f3n 1.93.0. Se recomienda a los usuarios que actualicen. No se conocen workarounds para este problema."
          }
        ],
        "id": "CVE-2023-42453",
        "lastModified": "2024-01-07T11:15:12.980",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 2.8,
              "impactScore": 1.4,
              "source": "nvd@nist.gov",
              "type": "Primary"
            },
            {
              "cvssData": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.1,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 1.6,
              "impactScore": 1.4,
              "source": "security-advisories@github.com",
              "type": "Secondary"
            }
          ]
        },
        "published": "2023-09-27T15:19:32.453",
        "references": [
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Issue Tracking",
              "Patch"
            ],
            "url": "https://github.com/matrix-org/synapse/pull/16327"
          },
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x"
          },
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Mailing List",
              "Release Notes"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AFB2Y3S2VCPCN5P2XCZTG24MBMZ7DM4/"
          },
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Mailing List",
              "Release Notes"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65QPC55I4D27HIZP7H2NQ34EOXHPP4AO/"
          },
          {
            "source": "security-advisories@github.com",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6P4QULVUE254WI7XF2LWWOGHCYVFXFY/"
          },
          {
            "source": "security-advisories@github.com",
            "url": "https://security.gentoo.org/glsa/202401-12"
          }
        ],
        "sourceIdentifier": "security-advisories@github.com",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-285"
              }
            ],
            "source": "security-advisories@github.com",
            "type": "Primary"
          },
          {
            "description": [
              {
                "lang": "en",
                "value": "NVD-CWE-Other"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}

GHSA-7565-CQ32-VX2X

Vulnerability from github – Published: 2023-09-26 19:20 – Updated: 2024-09-24 17:49

Summary

matrix-synapse vulnerable to improper validation of receipts allows forged read receipts

Details

Impact

Users were able to forge read receipts for any event (if they knew the room ID and event ID). Note that the users were not able to view the events, but simply mark it as read. This could be confusing as clients will show the event as read by the user, even if they are not in the room.

Patches

https://github.com/matrix-org/synapse/pull/16327

Workarounds

There is no workaround.

Severity ?

3.1 (Low)


                  
                    CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

6.3 (Medium)


                  
                    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "matrix-synapse"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.34.0"
            },
            {
              "fixed": "1.93.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-42453"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-285"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-09-26T19:20:38Z",
    "nvd_published_at": "2023-09-27T15:19:32Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nUsers were able to forge read receipts for any event (if they knew the room ID and event ID). Note that the users were not able to view the events, but simply mark it as read. This could be confusing as clients will show the event as read by the user, even if they are not in the room.\n\n### Patches\nhttps://github.com/matrix-org/synapse/pull/16327\n\n### Workarounds\nThere is no workaround.\n",
  "id": "GHSA-7565-cq32-vx2x",
  "modified": "2024-09-24T17:49:17Z",
  "published": "2023-09-26T19:20:38Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42453"
    },
    {
      "type": "WEB",
      "url": "https://github.com/matrix-org/synapse/pull/16327"
    },
    {
      "type": "WEB",
      "url": "https://github.com/matrix-org/synapse/commit/63d28a88c1d18c64ea7e23b6dd7483e6d5dcf881"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/matrix-org/synapse"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/matrix-synapse/PYSEC-2023-180.yaml"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AFB2Y3S2VCPCN5P2XCZTG24MBMZ7DM4"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65QPC55I4D27HIZP7H2NQ34EOXHPP4AO"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6P4QULVUE254WI7XF2LWWOGHCYVFXFY"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202401-12"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "matrix-synapse vulnerable to improper validation of receipts allows forged read receipts"
}

FKIE_CVE-2023-42453

Vulnerability from fkie_nvd - Published: 2023-09-27 15:19 - Updated: 2024-11-21 08:22

Severity ?

3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/matrix-org/synapse/pull/16327	Issue Tracking, Patch
security-advisories@github.com	https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x	Vendor Advisory
security-advisories@github.com	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AFB2Y3S2VCPCN5P2XCZTG24MBMZ7DM4/	Mailing List, Release Notes
security-advisories@github.com	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65QPC55I4D27HIZP7H2NQ34EOXHPP4AO/	Mailing List, Release Notes
security-advisories@github.com	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6P4QULVUE254WI7XF2LWWOGHCYVFXFY/
security-advisories@github.com	https://security.gentoo.org/glsa/202401-12
af854a3a-2127-422b-91ae-364da2661108	https://github.com/matrix-org/synapse/pull/16327	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AFB2Y3S2VCPCN5P2XCZTG24MBMZ7DM4/	Mailing List, Release Notes
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65QPC55I4D27HIZP7H2NQ34EOXHPP4AO/	Mailing List, Release Notes
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6P4QULVUE254WI7XF2LWWOGHCYVFXFY/
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/202401-12

Impacted products

Vendor	Product	Version
matrix	synapse	*
fedoraproject	fedora	37
fedoraproject	fedora	38

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:matrix:synapse:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "655B00DF-6A38-4A54-8969-72F83636B4C5",
              "versionEndExcluding": "1.93.0",
              "versionStartIncluding": "1.34.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event (if they knew the room ID and event ID). Note that the users were not able to view the events, but simply mark it as read. This could be confusing as clients will show the event as read by the user, even if they are not in the room. This issue has been patched in version 1.93.0. Users are advised to upgrade. There are no known workarounds for this issue."
    },
    {
      "lang": "es",
      "value": "Synapse es un servidor dom\u00e9stico Matrix de c\u00f3digo abierto escrito y mantenido por la Fundaci\u00f3n Matrix.org. Los usuarios pod\u00edan falsificar recibos de lectura para cualquier evento (si conoc\u00edan el ID de la sala y el ID del evento). Tenga en cuenta que los usuarios no pudieron ver los eventos, simplemente marcarlos como le\u00eddos. Esto podr\u00eda resultar confuso ya que los clientes mostrar\u00e1n el evento tal como lo ley\u00f3 el usuario, incluso si no est\u00e1n en la sala. Este problema se solucion\u00f3 en la versi\u00f3n 1.93.0. Se recomienda a los usuarios que actualicen. No se conocen workarounds para este problema."
    }
  ],
  "id": "CVE-2023-42453",
  "lastModified": "2024-11-21T08:22:33.887",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 3.1,
          "baseSeverity": "LOW",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 1.4,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-09-27T15:19:32.453",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/matrix-org/synapse/pull/16327"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Mailing List",
        "Release Notes"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AFB2Y3S2VCPCN5P2XCZTG24MBMZ7DM4/"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Mailing List",
        "Release Notes"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65QPC55I4D27HIZP7H2NQ34EOXHPP4AO/"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6P4QULVUE254WI7XF2LWWOGHCYVFXFY/"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://security.gentoo.org/glsa/202401-12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/matrix-org/synapse/pull/16327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Release Notes"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AFB2Y3S2VCPCN5P2XCZTG24MBMZ7DM4/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Release Notes"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65QPC55I4D27HIZP7H2NQ34EOXHPP4AO/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6P4QULVUE254WI7XF2LWWOGHCYVFXFY/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/202401-12"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-285"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-42453 (GCVE-0-2023-42453)

PYSEC-2023-180

GSD-2023-42453

GHSA-7565-CQ32-VX2X

Impact

Patches

Workarounds

FKIE_CVE-2023-42453

Tags

Sightings

Nomenclature