Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2023-38686

Good to know:

icon
icon

Date: August 4, 2023

Sydent is an identity server for the Matrix communications protocol. Prior to version 2.5.6, if configured to send emails using TLS, Sydent does not verify SMTP servers' certificates. This makes Sydent's emails vulnerable to interception via a man-in-the-middle (MITM) attack. Attackers with privileged access to the network can intercept room invitations and address confirmation emails. This is patched in Sydent 2.5.6. When patching, make sure that Sydent trusts the certificate of the server it is connecting to. This should happen automatically when using properly issued certificates. Those who use self-signed certificates should make sure to copy their Certification Authority certificate, or their self signed certificate if using only one, to the trust store of your operating system. As a workaround, one can ensure Sydent's emails fail to send by setting the configured SMTP server to a loopback or non-routable address under one's control which does not have a listening SMTP server.

Language: Python

Severity Score

Related Resources (11)

https://github.com/matrix-org/sydent/commit/1cd748307c6b168b66154e6c4db715d4b9551261
https://github.com/python/cpython/issues/91826
https://peps.python.org/pep-0476/
https://github.com/matrix-org/sydent/releases/tag/v2.5.6
https://people.canonical.com/~ubuntu-security/cve/CVE-2023-38686
https://nvd.nist.gov/vuln/detail/CVE-2023-38686
https://github.com/matrix-org/sydent/security/advisories/GHSA-p6hw-wm59-3g5g
https://github.com/advisories/GHSA-p6hw-wm59-3g5g
https://docs.python.org/3/library/ssl.html?highlight=ssl#security-considerations
https://github.com/matrix-org/sydent/pull/574
https://www.mend.io/vulnerability-database/CVE-2023-38686

Severity Score

Weakness Type (CWE)

Improper Certificate Validation

CWE-295

Top Fix

icon

Upgrade Version

Upgrade to version matrix-sydent - 2.5.6

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): LOW
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): NONE
Availability (A): NONE

Do you need more information?

Contact Us