PT-2023-26550 · Sydent · Sydent

Martin Schobert · Published 2023-07-31 · Updated 2023-08-10 · CVE-2023-38686

CVSS v3.1: 9.3 (Critical)
Vector: AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Sydent versions prior to 2.5.6

Description: Sydent is an identity server for the Matrix communications protocol. If configured to send emails using TLS, Sydent does not verify SMTP servers' certificates, making its emails vulnerable to interception via a man-in-the-middle (MITM) attack. Attackers with privileged access to the network can intercept room invitations and address confirmation emails. This issue is patched in Sydent 2.5.6. When patching, ensure that Sydent trusts the certificate of the server it is connecting to, which should happen automatically when using properly issued certificates. Those who use self-signed certificates should copy their Certification Authority certificate or their self-signed certificate to the trust store of their operating system.

Recommendations: For versions prior to 2.5.6, update to Sydent 2.5.6 to resolve the issue. When patching, make sure that Sydent trusts the certificate of the server it is connecting to. This should happen automatically when using properly issued certificates. If you are using self-signed certificates, make sure to copy your Certification Authority certificate, or your self-signed certificate if using only one, to the trust store of your operating system. As a temporary workaround, consider setting the configured SMTP server to a loopback or non-routable address under your control which does not have a listening SMTP server.
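The following is an added illustration of the weakness class described above and of the two checks a deployer would want after patching; it is not Sydent's code and does not reproduce the project's actual SMTP implementation. The function names (`insecure_tls_context`, `verifying_tls_context`, `send_via_starttls`, `context_is_safe`, `is_unroutable_sink`) and the optional `ca_file` parameter are assumptions made for this example. It uses only the Python standard library: the first context mirrors the vulnerable behaviour (TLS negotiated, certificate never checked), the second mirrors the fixed behaviour (chain validated against the operating system trust store, host name enforced), and the last helper checks whether a configured SMTP address qualifies for the advisory's temporary workaround.

```python
"""Certificate validation for outgoing SMTP over TLS: vulnerable vs. fixed.

Added example, not Sydent's own code; all names below are assumptions.
"""
import ipaddress
import smtplib
import ssl
from email.message import EmailMessage
from typing import Optional


def insecure_tls_context() -> ssl.SSLContext:
    """Mirrors the vulnerable behaviour: TLS is negotiated, so traffic is
    encrypted, but the server certificate is never validated, so an on-path
    party presenting any certificate is accepted and can read the mail."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def verifying_tls_context(ca_file: Optional[str] = None) -> ssl.SSLContext:
    """Mirrors the fixed behaviour: the chain must validate against the
    operating system trust store (create_default_context loads it) and the
    certificate must match the SMTP host name. ca_file is an optional extra
    trust anchor for a private CA, an alternative to installing that CA into
    the OS store as the advisory recommends (assumed parameter)."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED and check_hostname=True
    if ca_file is not None:
        ctx.load_verify_locations(cafile=ca_file)
    return ctx


def context_is_safe(ctx: ssl.SSLContext) -> bool:
    """Post-patch check: a context is acceptable for mail over TLS only if it
    both requires a trusted chain and enforces host-name matching."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def send_via_starttls(host: str, port: int, msg: EmailMessage,
                      context: ssl.SSLContext) -> None:
    """Deliver one message over STARTTLS. With verifying_tls_context() an
    untrusted or mismatched server certificate raises
    ssl.SSLCertVerificationError during starttls(), i.e. before any message
    content such as a room invitation is transmitted."""
    with smtplib.SMTP(host, port, timeout=10) as smtp:
        smtp.ehlo()
        smtp.starttls(context=context)  # handshake and verification happen here
        smtp.ehlo()
        smtp.send_message(msg)


def is_unroutable_sink(host: str) -> bool:
    """Check for the advisory's temporary workaround: the configured SMTP
    address should be a loopback or otherwise non-global IP address so that
    outgoing mail cannot reach the network while the fix is pending.
    Host names are rejected because they may resolve anywhere."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False
    return not ip.is_global


if __name__ == "__main__":
    # Constructed sample message; no network access is performed here.
    message = EmailMessage()
    message["From"] = "noreply@example.invalid"
    message["To"] = "user@example.invalid"
    message["Subject"] = "Constructed sample"
    message.set_content("room invitation placeholder")
    print("insecure context safe?", context_is_safe(insecure_tls_context()))
    print("verifying context safe?", context_is_safe(verifying_tls_context()))
    print("127.0.0.1 acceptable sink?", is_unroutable_sink("127.0.0.1"))
```

To exercise the verifying path against a real server, pass `verifying_tls_context()` to `send_via_starttls`; a server whose certificate is not trusted by the OS store fails at the `starttls()` call, which is the behaviour the fixed version should exhibit.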

Weakness Enumeration

Improper Certificate Validation

Related Identifiers

CVE-2023-38686
GHSA-P6HW-WM59-3G5G
PYSEC-2023-139

Affected Products

Sydent