CVE-2023-36829

CVSS V2 None CVSS V3 None

Description

Sentry is an error tracking and performance monitoring platform. Starting in version 23.6.0 and prior to version 23.6.2, the Sentry API incorrectly returns the `access-control-allow-credentials: true` HTTP header if the `Origin` request header ends with the `system.base-hostname` option of Sentry installation. This only affects installations that have `system.base-hostname` option explicitly set, as it is empty by default. Impact is limited since recent versions of major browsers have cross-site cookie blocking enabled by default. However, this flaw could allow other multi-step attacks. The patch has been released in Sentry 23.6.2.

Overview

CVE ID
CVE-2023-36829

Assigner
GitHub_M

Vulnerability Status
PUBLISHED

Published Version
2023-07-06T22:08:58.922Z

Last Modified Date
2023-07-06T22:08:58.922Z

Weakness Enumerations

CWE	URL
CWE-942	http://cwe.mitre.org/data/definitions/942.html
CWE-863	http://cwe.mitre.org/data/definitions/863.html

References

Reference URL	Reference Tags
https://github.com/getsentry/sentry/security/advisories/GHSA-4xqm-4p72-87h6	x_refsource_CONFIRM
https://github.com/getsentry/sentry/pull/52276	x_refsource_MISC
https://github.com/getsentry/sentry/commit/ee44c6be35e5e464bc40637580f39867898acd8b	x_refsource_MISC
https://github.com/getsentry/self-hosted/releases/tag/23.6.2	x_refsource_MISC

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-36829
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36829

History

Created	Old Value	New Value	Data Type	Notes
2024-06-25 16:46:43				Added to TrackCVE