#VU81454 Cleartext storage of sensitive information in Synapse
Vulnerability identifier: #VU81454
Vulnerability risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-312
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Synapse
Server applications /
Conferencing, Collaboration and VoIP solutions
Vendor: Matrix.org
Description
The vulnerability allows a user to gain access to sensitive information.
The vulnerability exists due to the way the application handles password change. When users update their passwords, the new credentials may be briefly held in the server database in clear text. A user with access to the database can obtain the password in clear text.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Synapse: 1.66.0 - 1.92.3
External links
http://github.com/matrix-org/synapse/pull/16272
http://github.com/matrix-org/synapse/security/advisories/GHSA-4f74-84v3-j9q5
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
