8.1

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2023-39349

GHSA ID

GHSA-9jcq-jf57-c62c

EPSS Score

0.24316%

CWE

CWE-284

Published

8/8/2023

Updated

11/10/2023

KEV Status

Technology

Python

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2023-39349

CVE-2023-39349: Privilege escalation via ApiTokensEndpoint

Impact

An attacker with access to a token with few or no scopes can query /api/0/api-tokens/ for a list of all tokens created by a user, including tokens with greater scopes, and use those tokens in other requests.

There is no evidence that the issue was exploited on https://sentry.io. For self-hosted users, it is advised to rotate user auth tokens via https://your-self-hosted-sentry-installation/settings/account/api/auth-tokens/.

Patches

The issue was fixed in https://github.com/getsentry/sentry/pull/53850 and is available in the release 23.7.2 of sentry and self-hosted.

Workarounds

There are no known workarounds.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2023-39349

CVE-2023-39349:

8.1

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2023-39349

GHSA ID

GHSA-9jcq-jf57-c62c

EPSS Score

0.24316%

CWE

CWE-284

Published

8/8/2023

Updated

11/10/2023

KEV Status

Technology

Python

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
sentry	pip	>= 22.1.0, < 23.7.2	23.7.2

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The core vulnerability stemmed from ApiTokensEndpoint using SessionAuthentication which didn't properly restrict access to session cookies only. The patch introduced SessionNoAuthTokenAuthentication which explicitly blocks requests with Authorization headers (token-based auth). The original implementation allowed any authenticated request (including token-authenticated ones) to access the token listing endpoint, violating proper scope-based access control.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

8.1

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2023-39349: Privilege escalation via ApiTokensEndpoint

Impact

Patches

Workarounds

CVE-2023-39349:

8.1

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

CVE-2023-39349: Privilege escalation via ApiTokensEndpoint

Impact

Patches

Workarounds

Basic Information

Basic Information

8.1

8.1

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI