Vulnerability Details : CVE-2023-36829
Sentry is an error tracking and performance monitoring platform. Starting in version 23.6.0 and prior to version 23.6.2, the Sentry API incorrectly returns the `access-control-allow-credentials: true` HTTP header if the `Origin` request header ends with the `system.base-hostname` option of the Sentry installation. This only affects installations that have the `system.base-hostname` option explicitly set, as it is empty by default. Impact is limited since recent versions of major browsers have cross-site cookie blocking enabled by default. However, this flaw could allow other multi-step attacks. The patch has been released in Sentry 23.6.2.
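As an added illustration of the comparison described above (this is not Sentry's code; the hostnames are constructed and the "base host or one of its subdomains" policy is an assumption for the hardened variant), a suffix match on the `Origin` header next to a host-aware check, and the CORS headers each one would produce:

```python
from urllib.parse import urlsplit

BASE_HOSTNAME = "sentry.example.com"  # constructed stand-in for system.base-hostname


def origin_allowed_suffix(origin: str, base_hostname: str) -> bool:
    """Weak check: any host whose name merely ends with the base hostname passes,
    so 'evilsentry.example.com' is accepted for base 'sentry.example.com'."""
    host = urlsplit(origin).hostname or ""
    return host.endswith(base_hostname)


def origin_allowed_strict(origin: str, base_hostname: str) -> bool:
    """Hardened check: parse the Origin, require https, and accept only the base
    host itself or a label-delimited subdomain of it (assumed policy)."""
    parts = urlsplit(origin)
    if parts.scheme != "https" or not parts.hostname:
        return False  # covers 'null', malformed values and plain http
    host = parts.hostname.lower()
    base = base_hostname.lower()
    return host == base or host.endswith("." + base)


def cors_headers(origin: str, allowed: bool) -> dict:
    """Only echo the Origin and grant credentials when the check passed;
    otherwise emit no CORS headers at all."""
    if not allowed:
        return {}
    return {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Credentials": "true",
        "Vary": "Origin",
    }


if __name__ == "__main__":
    for o in ("https://sentry.example.com", "https://evilsentry.example.com", "null"):
        weak = origin_allowed_suffix(o, BASE_HOSTNAME)
        strict = origin_allowed_strict(o, BASE_HOSTNAME)
        print(f"{o:32} suffix={weak!s:5} strict={strict!s:5} -> {cors_headers(o, strict)}")
```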
Products affected by CVE-2023-36829
- cpe:2.3:a:functional:sentry:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-36829
- EPSS score: 0.10% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~42% (the proportion of vulnerabilities that are scored at or below this score)
CVSS scores for CVE-2023-36829
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
| 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 2.8 | 2.5 | NIST | |
| 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N | 1.6 | 5.2 | GitHub, Inc. | |
CWE ids for CVE-2023-36829
- The product compares two entities in a security-relevant context, but the comparison is incorrect, which may lead to resultant weaknesses. Assigned by: nvd@nist.gov (Primary)
- The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. Assigned by: security-advisories@github.com (Secondary)
- The product uses a cross-domain policy file that includes domains that should not be trusted. Assigned by: security-advisories@github.com (Secondary)
References for CVE-2023-36829
- https://github.com/getsentry/self-hosted/releases/tag/23.6.2 (Release 23.6.2 · getsentry/self-hosted · GitHub) Release Notes
- https://github.com/getsentry/sentry/commit/ee44c6be35e5e464bc40637580f39867898acd8b (Fix GHSA-4xqm-4p72-87h6 (#52276) · getsentry/sentry@ee44c6b · GitHub) Patch
- https://github.com/getsentry/sentry/security/advisories/GHSA-4xqm-4p72-87h6 (CORS misconfiguration · Advisory · getsentry/sentry · GitHub) Patch
- https://github.com/getsentry/sentry/pull/52276 (Fix GHSA-4xqm-4p72-87h6 by oioki · Pull Request #52276 · getsentry/sentry · GitHub) Patch