CVE-2019-11340 - OpenCVE

util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowed_local_3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on user@bad.example.net@good.example.com returns the user@bad.example.net substring.

No CVSS v3.1

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Matrix	Sydent

Configuration 1 [-]

cpe:2.3:a:matrix:sydent:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/matrix-org/sydent/commit/4e1cfff53429c49c87d5c457a18ed435520044fc	Patch Third Party Advisory
https://github.com/matrix-org/sydent/compare/7c002cd...09278fb	Patch Third Party Advisory
https://matrix.org/blog/2019/04/18/security-update-sydent-1-0-2/	Release Notes Vendor Advisory
https://twitter.com/matrixdotorg/status/1118934335963500545	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-04-19T13:35:36

Updated: 2019-04-19T13:35:36

Reserved: 2019-04-19T00:00:00

Link: CVE-2019-11340

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-04-19T14:29:00.417

Modified: 2019-04-22T17:52:19.167

Link: CVE-2019-11340

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowed_local_3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on user@bad.example.net@good.example.com returns the user@bad.example.net substring."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-04-19T13:35:36", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://twitter.com/matrixdotorg/status/1118934335963500545"}, {"tags": ["x_refsource_MISC"], "url": "https://matrix.org/blog/2019/04/18/security-update-sydent-1-0-2/"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/matrix-org/sydent/commit/4e1cfff53429c49c87d5c457a18ed435520044fc"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/matrix-org/sydent/compare/7c002cd...09278fb"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-11340", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowed_local_3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on user@bad.example.net@good.example.com returns the user@bad.example.net substring."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://twitter.com/matrixdotorg/status/1118934335963500545", "refsource": "MISC", "url": "https://twitter.com/matrixdotorg/status/1118934335963500545"}, {"name": "https://matrix.org/blog/2019/04/18/security-update-sydent-1-0-2/", "refsource": "MISC", "url": "https://matrix.org/blog/2019/04/18/security-update-sydent-1-0-2/"}, {"name": "https://github.com/matrix-org/sydent/commit/4e1cfff53429c49c87d5c457a18ed435520044fc", "refsource": "MISC", "url": "https://github.com/matrix-org/sydent/commit/4e1cfff53429c49c87d5c457a18ed435520044fc"}, {"name": "https://github.com/matrix-org/sydent/compare/7c002cd...09278fb", "refsource": "MISC", "url": "https://github.com/matrix-org/sydent/compare/7c002cd...09278fb"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-11340", "datePublished": "2019-04-19T13:35:36", "dateReserved": "2019-04-19T00:00:00", "dateUpdated": "2019-04-19T13:35:36", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:matrix:sydent:*:*:*:*:*:*:*:*", "matchCriteriaId": "CE553235-44B4-4D67-AF42-EC3F61590182", "versionEndExcluding": "1.0.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowed_local_3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on user@bad.example.net@good.example.com returns the user@bad.example.net substring."}, {"lang": "es", "value": "Vulnerabilidad en archivo util/emailutils.py en Matrix Sydent anterior a las restricciones de registro de la versi\u00f3n 1.0.2 basado en el dominio de correo electr\u00f3nico, si la opci\u00f3n allowed_local_3pids est\u00e1 habilitada. Esto ocurre debido a un comportamiento potencialmente no deseado en Python, en el que una llamada de email.utils.parseaddr en user@bad.example.net@good.example.com devuelve la subcadena user@bad.example.net."}], "id": "CVE-2019-11340", "lastModified": "2019-04-22T17:52:19.167", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-04-19T14:29:00.417", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/matrix-org/sydent/commit/4e1cfff53429c49c87d5c457a18ed435520044fc"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/matrix-org/sydent/compare/7c002cd...09278fb"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://matrix.org/blog/2019/04/18/security-update-sydent-1-0-2/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://twitter.com/matrixdotorg/status/1118934335963500545"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}