First published: Thu Apr 15 2021(Updated: )
### Impact

Sydent can be induced to send HTTP GET requests to internal systems, due to a lack of parameter validation or IP address blacklisting. It is not possible to exfiltrate data or control request headers, but it might be possible to use the attack to perform internal port enumeration.

### Patches

Fixed in 9e57334, 8936925, 3d531ed, 0f00412

### Workarounds

A potential workaround would be to use a firewall to ensure that Sydent cannot reach internal HTTP resources.

### For more information

If you have any questions or comments about this advisory, email us at security@matrix.org.
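The advisory attributes the bug to missing parameter validation and IP address blacklisting on outbound requests. As an added illustration (not Sydent's own code, and not one of the linked patches), the following validator shows the server-side check a fix of this kind needs: allow only http(s), resolve the host, reject every resolved address that falls in a loopback, private, link-local or CGNAT range, and return one pinned address so the HTTP client cannot re-resolve to something else. The blocked ranges and the `FAKE_DNS` table are constructed for the example.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Ranges an identity server should never fetch from: loopback, RFC 1918, link-local
# (incl. cloud metadata at 169.254.169.254), CGNAT and IPv6 equivalents (example policy).
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "::/128", "::1/128", "fc00::/7", "fe80::/10",
)]

def is_blocked_ip(ip: str) -> bool:
    """True if ip is in a blocked range; IPv4-mapped IPv6 is unwrapped first."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in BLOCKED_NETWORKS)

def resolve_and_check(url: str, resolver=socket.getaddrinfo) -> str:
    """Check scheme and host, resolve the host, and refuse the request if ANY resolved
    address is blocked. Returns the single address the caller should connect to."""
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https"):
        raise ValueError("only http(s) URLs may be fetched")
    host = parsed.hostname
    if not host:
        raise ValueError("URL has no host")
    try:
        addrs = [ipaddress.ip_address(host)]  # literal address in the URL
    except ValueError:  # a hostname: resolve it and check every answer
        port = parsed.port or (443 if parsed.scheme == "https" else 80)
        infos = resolver(host, port, proto=socket.IPPROTO_TCP)
        addrs = [ipaddress.ip_address(info[4][0]) for info in infos]
    for addr in addrs:
        if is_blocked_ip(str(addr)):
            raise ValueError(f"{host} resolves to blocked address {addr}")
    return str(addrs[0])

def is_safe_url(url: str, resolver=socket.getaddrinfo) -> bool:
    try:
        resolve_and_check(url, resolver)
        return True
    except (ValueError, OSError):  # bad URL, blocked address, or DNS failure
        return False

# Constructed stand-in for DNS (getaddrinfo result shape) so the example runs offline.
FAKE_DNS = {"internal.example": "10.1.2.3", "public.example": "203.0.113.7"}
def fake_resolver(host, port, proto=0):
    return [(socket.AF_INET, socket.SOCK_STREAM, proto, "", (FAKE_DNS[host], port))]
```

Checking the resolved addresses rather than the URL string is what defeats obfuscated hosts (decimal or hex IP forms, DNS names pointing at internal ranges); the firewall workaround in the advisory remains a useful second layer.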
Credit: security-advisories@github.com
Affected Software | Affected Version | How to fix
---|---|---
Matrix Sydent | <2.3.0 | 
pip/matrix-sydent | <2.3.0 | 2.3.0
CVE-2021-29431 is a vulnerability in the Matrix Sydent identity server that allows an attacker to induce it to send HTTP GET requests to internal systems.
CVE-2021-29431 has a severity rating of high with a score of 6.5.
CVE-2021-29431 affects Matrix Sydent versions up to and excluding 2.3.0.
It is not possible to exfiltrate data or control request headers with CVE-2021-29431.
To fix CVE-2021-29431, update to a version of Matrix Sydent that includes the patches listed above (2.3.0 or later).