Home > Vulnerability Database > CVE-2021-41281

Mend.io Vulnerability Database

CVE-2021-41281

Good to know:

Date: November 23, 2021

Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. The last 2 directories and file name of the path are chosen randomly by Synapse and cannot be controlled by an attacker, which limits the impact. Homeservers with the media repository disabled are unaffected. Homeservers with a federation whitelist are also unaffected, since Synapse will check the remote hostname, including the trailing `../`s, against the whitelist. Server administrators should upgrade to 1.47.1 or later. Server administrators using a reverse proxy could, at the expense of losing media functionality, may block the certain endpoints as a workaround. Alternatively, non-containerized deployments can be adapted to use the hardened systemd config.

Language: Python

Severity Score

7.5

Related Resources (11)

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N3WY56LCEZ4ZECLWV5KMAXF2PSMUB4F2

Url: https://github.com/matrix-org/synapse/security/advisories/GHSA-3hfw-x7gx-437c

Url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N3WY56LCEZ4ZECLWV5KMAXF2PSMUB4F2/

Url: https://github.com/pypa/advisory-database/tree/main/vulns/matrix-synapse/PYSEC-2021-436.yaml

Url: https://github.com/matrix-org/synapse/commit/91f2bd090

Url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EU7QRE55U4IUEDLKT5IYPWL3UXMELFAS/

Url: https://github.com/matrix-org/synapse/releases/tag/v1.47.1

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EU7QRE55U4IUEDLKT5IYPWL3UXMELFAS

Url: https://nvd.nist.gov/vuln/detail/CVE-2021-41281

Url: https://github.com/matrix-org/synapse

Url: https://www.mend.io/vulnerability-database/CVE-2021-41281

Severity Score

7.5

Weakness Type (CWE)

Path Traversal

CWE-22

Top Fix

Upgrade Version

Upgrade to version matrix-synapse - 1.47.1

Learn More

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	HIGH
Availability (A):	NONE

CVSS v2

Base Score:	4.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2021-41281

Good to know:

Date: November 23, 2021

Language: Python

Severity Score

Related Resources (11)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?