high advisory

Sentry 8.2.0 Remote Code Execution via Pickle Deserialization (CVE-2021-47935)

Sentry 8.2.0 contains a remote code execution vulnerability (CVE-2021-47935) that allows authenticated superusers to execute arbitrary commands by injecting malicious pickle-serialized objects through the audit log entry data parameter via crafted POST requests to the admin audit log endpoint.

Sentry 8.2.0 is vulnerable to remote code execution (CVE-2021-47935) because it deserializes pickle objects from untrusted input. The flaw allows an authenticated superuser to execute arbitrary commands on the Sentry server by injecting a malicious pickle-serialized object through the audit log entry data parameter. The application neither validates nor restricts the data before unpickling it, so an attacker can embed arbitrary Python code in a base64-encoded, compressed pickle payload. Exploitation requires authentication as a superuser, which limits the exposure to compromised or malicious administrator accounts.

Attack Chain

  1. An attacker authenticates to the Sentry application as a superuser.
  2. The attacker crafts a malicious pickle payload containing arbitrary Python code for execution.
  3. The pickle payload is compressed and then base64 encoded.
  4. The attacker crafts a POST request to the /admin/auditlog/ endpoint.
  5. The POST request includes the base64-encoded compressed pickle payload within the data parameter of the audit log entry.
  6. The Sentry application receives the POST request and attempts to deserialize the pickle data without proper sanitization.
  7. The malicious pickle payload is deserialized, leading to arbitrary code execution with the privileges of the Sentry application.
  8. The attacker achieves remote code execution on the Sentry server.

Impact

Successful exploitation allows an attacker to execute arbitrary commands on the Sentry server with the privileges of the application. This can lead to complete compromise of the Sentry instance, including access to sensitive data, modification of configurations, and potential lateral movement to other systems within the network. Given the critical role Sentry often plays in application monitoring and incident response, a successful attack could severely impact an organization’s security posture.

Recommendation

  • Upgrade Sentry to a patched version that addresses CVE-2021-47935.
  • Deploy the Sigma rule Detect Suspicious Sentry Pickle Deserialization in Audit Log to monitor for exploitation attempts targeting the /admin/auditlog/ endpoint.
  • Restrict and closely monitor superuser access within the Sentry application to minimize the attack surface.
  • Implement input validation and sanitization measures to prevent the deserialization of untrusted data, mitigating similar vulnerabilities in the future.
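The description above boils down to one unsafe pattern, unpickling a base64-encoded compressed blob from a request parameter, and the last recommendation asks for a control against it. The following is an added example written for this advisory, not Sentry's code: it reverses the wrapping (zlib compression is an assumption about the scheme), statically lists the pickle opcodes that can reference or invoke Python callables so the attempt can be logged, and only then unpickles through a loader that refuses every global lookup. The two sample payloads are constructed here; the suspicious one uses a harmless datetime.date object purely because its pickle carries a class reference and REDUCE.

```python
import base64
import datetime
import io
import pickle
import pickletools
import zlib

# Opcodes through which a pickle stream can name or invoke Python callables.
DANGEROUS_OPCODES = {"GLOBAL", "STACK_GLOBAL", "REDUCE", "INST", "OBJ",
                     "NEWOBJ", "NEWOBJ_EX", "BUILD"}


def encode_payload(obj) -> str:
    """Constructed sample wrapping, assumed to mirror the advisory's
    'base64-encoded compressed pickle' (zlib is an assumption)."""
    return base64.b64encode(zlib.compress(pickle.dumps(obj))).decode("ascii")


def decode_payload(data: str) -> bytes:
    return zlib.decompress(base64.b64decode(data))


def inspect_pickle(raw: bytes) -> list:
    """Statically list dangerous opcodes; nothing in the stream is executed."""
    return [(pos, op.name) for op, _arg, pos in pickletools.genops(raw)
            if op.name in DANGEROUS_OPCODES]


class RestrictedUnpickler(pickle.Unpickler):
    """Refuses every global lookup, so REDUCE/BUILD have nothing to call."""
    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"global {module}.{name} is not allowed")


def check_payload(data: str) -> dict:
    """Detect-then-load: report dangerous opcodes and only unpickle plain data."""
    raw = decode_payload(data)
    opcodes = [name for _pos, name in inspect_pickle(raw)]
    result = {"rejected": bool(opcodes), "opcodes": opcodes, "value": None}
    if not opcodes:
        result["value"] = RestrictedUnpickler(io.BytesIO(raw)).load()
    return result


# Constructed samples: audit-log-like plain data, and an object whose pickle
# carries a class reference plus REDUCE (datetime.date is a harmless stand-in;
# the check does not care which callable is referenced).
BENIGN_PAYLOAD = encode_payload({"event": "member.add", "actor_id": 1})
SUSPICIOUS_PAYLOAD = encode_payload(datetime.date(2021, 1, 1))

if __name__ == "__main__":
    for label, payload in [("benign", BENIGN_PAYLOAD), ("suspicious", SUSPICIOUS_PAYLOAD)]:
        print(label, check_payload(payload))
```

The opcode list is what a defender would forward to logging or a SIEM; the restricted loader is the control that actually prevents execution, and for audit log entries a non-executable format such as JSON removes the problem entirely.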

Detection coverage (2 rules)

Detect Suspicious Sentry Pickle Deserialization in Audit Log

high

Detects CVE-2021-47935 exploitation — POST requests to the Sentry audit log endpoint with base64-encoded data, indicating potential pickle deserialization attack.

Rule type: sigma | Tactics: execution | Techniques: T1202 | Sources: webserver

Detect Sentry Admin Audit Log Access

low

Detects access to the Sentry admin audit log endpoint, which may indicate reconnaissance or exploitation attempts.

Rule type: sigma | Tactics: discovery | Techniques: T1068 | Sources: webserver
