GitHub_MCVELIST:CVE-2023-36829CVE-2023-36829 Sentry CORS misconfiguration vulnerability
6.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
0.001 Low
EPSS
Percentile
32.0%
Sentry is an error tracking and performance monitoring platform. Starting in version 23.6.0 and prior to version 23.6.2, the Sentry API incorrectly returns the access-control-allow-credentials: true HTTP header if the Origin request header ends with the system.base-hostname option of Sentry installation. This only affects installations that have system.base-hostname option explicitly set, as it is empty by default. Impact is limited since recent versions of major browsers have cross-site cookie blocking enabled by default. However, this flaw could allow other multi-step attacks. The patch has been released in Sentry 23.6.2.
CNA Affected
[
{
"vendor": "getsentry",
"product": "sentry",
"versions": [
{
"version": ">= 23.6.0, < 23.6.2",
"status": "affected"
}
]
}
]Related
6.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
0.001 Low
EPSS
Percentile
32.0%