CVE-2022-39202

2022-09-1318:15:15

Google

osv.dev

cve-2022-39202

node.js

irc

matrix

vulnerability

parsing

permissions

command

patch

workaround

privileged users

operator

attacker

mode command

6.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

0.001 Low

EPSS

Percentile

42.0%

JSON

matrix-appservice-irc is an open source Node.js IRC bridge for Matrix. The Internet Relay Chat (IRC) protocol allows you to specify multiple modes in a single mode command. Due to a bug in the underlying matrix-org/node-irc library, affected versions of matrix-appservice-irc perform parsing of such modes incorrectly, potentially resulting in the wrong user being given permissions. Mode commands can only be executed by privileged users, so this can only be abused if an operator is tricked into running the command on behalf of an attacker. The vulnerability has been patched in matrix-appservice-irc 0.35.0. As a workaround users should refrain from entering mode commands suggested by untrusted users. Avoid using multiple modes in a single command.

CPENameOperatorVersion
matrix-appservice-irceq0.11.0-rc4
matrix-appservice-irceq0.13.0
matrix-appservice-irceq0.15.2
matrix-appservice-irceq0.15.0
matrix-appservice-irceq0.29.0
matrix-appservice-irceq0.10.0
matrix-appservice-irceq0.19.0-rc2
matrix-appservice-irceq0.29.0-rc1
matrix-appservice-irceqdevelop-2019-10-23
matrix-appservice-irceq0.14.0-rc4

Name	Operator	Version
matrix-appservice-irc	eq	0.11.0-rc4
matrix-appservice-irc	eq	0.13.0
matrix-appservice-irc	eq	0.15.2
matrix-appservice-irc	eq	0.15.0
matrix-appservice-irc	eq	0.29.0
matrix-appservice-irc	eq	0.10.0
matrix-appservice-irc	eq	0.19.0-rc2
matrix-appservice-irc	eq	0.29.0-rc1
matrix-appservice-irc	eq	develop-2019-10-23
matrix-appservice-irc	eq	0.14.0-rc4