CVE-2026-27197: Critical Sentry SAML SSO Flaw Enables Silent Account Takeover Without Credentials

CVE-2026-27197 — Sentry SAML SSO Account Takeover

CVE ID: CVE-2026-27197
Product: Sentry (Self-Hosted)
Affected Versions: >= 21.12.0 and < 26.2.0
Patched Version: 26.2.0
CVSS v3.1 Score: 9.1 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Severity: Critical
Exploitability: High
Exploit Availability: No official public exploit released; technically feasible with moderate effort
Attack Type: Authentication bypass via SAML assertion manipulation
Impact: Full account takeover

This vulnerability exists in the SAML Single Sign-On (SSO) authentication workflow in Sentry. Under specific deployment conditions, improper validation of SAML assertions allows an attacker to authenticate as another user if the victim’s email address is known.

The issue primarily affects self-hosted deployments that:

  • Host multiple organizations on the same Sentry instance, or
  • Allow modification of SSO configuration across organizations

Technical Description

The vulnerability stems from improper validation of SAML assertions during the authentication process. When a SAML response is received by Sentry, certain verification checks related to issuer trust, assertion scoping, and identity binding are not strictly enforced in affected versions.

Specifically:

  • The SAML assertion issuer is not strictly validated against the organization’s configured Identity Provider (IdP).
  • Assertion scoping and audience restrictions may not be correctly enforced.
  • Account linking logic may allow identity association based solely on email matching.
  • Cross-organization trust boundaries are not strongly isolated in certain multi-org deployments.

Because of this, a malicious or rogue Identity Provider can generate a validly signed SAML assertion for any email address. If that email exists in Sentry, authentication is granted and the session is established under the victim’s identity.

No prior authentication is required.
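To make the four gaps above concrete, here is an added example (not Sentry's code) of the per-organization checks a SAML service provider should apply after signature verification: issuer pinned to the organization's configured IdP, audience scoped to that organization's SP, validity window enforced, and the subject bound to an identity already linked to the organization rather than to any user with a matching email. OrgSsoConfig, validate_assertion_for_org, the entity IDs and the sample assertion are all constructed for the example.

```python
import xml.etree.ElementTree as ET
from dataclasses import dataclass
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

@dataclass(frozen=True)
class OrgSsoConfig:            # hypothetical per-organization SSO settings
    org_slug: str
    idp_entity_id: str         # the only Issuer this organization trusts
    sp_entity_id: str          # the Audience this organization's SP expects
    linked_identities: dict    # NameID -> user already linked to this org's auth provider

def _parse_time(value: str) -> datetime:
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def validate_assertion_for_org(assertion_xml: str, org: OrgSsoConfig, now: datetime):
    """Return (accepted, detail). Signature verification is assumed to have passed
    already; these are the trust, scope and binding checks the advisory says were weak."""
    root = ET.fromstring(assertion_xml)
    issuer = root.findtext("saml:Issuer", default="", namespaces=NS)
    if issuer != org.idp_entity_id:        # issuer must be this org's configured IdP, not any IdP
        return False, f"issuer {issuer!r} is not the IdP configured for {org.org_slug}"
    audiences = [a.text for a in root.findall("saml:Conditions/saml:AudienceRestriction/saml:Audience", NS)]
    if org.sp_entity_id not in audiences:  # assertion must be scoped to this org's SP
        return False, "audience restriction does not name this organization's SP"
    cond = root.find("saml:Conditions", NS)
    not_before, not_on_or_after = cond.get("NotBefore"), cond.get("NotOnOrAfter")
    if (not_before and now < _parse_time(not_before)) or (not_on_or_after and now >= _parse_time(not_on_or_after)):
        return False, "assertion outside its validity window"
    name_id = root.findtext("saml:Subject/saml:NameID", default="", namespaces=NS)
    if name_id not in org.linked_identities:  # bind to a linked identity, never to a bare email match
        return False, "NameID is not linked to any identity in this organization"
    return True, org.linked_identities[name_id]

def sample_assertion(issuer: str, audience: str, name_id: str) -> str:
    """Constructed, unsigned assertion skeleton: enough to exercise the checks above."""
    return f"""<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Version="2.0" ID="_c1">
  <saml:Issuer>{issuer}</saml:Issuer>
  <saml:Subject><saml:NameID>{name_id}</saml:NameID></saml:Subject>
  <saml:Conditions NotBefore="2026-03-01T11:55:00Z" NotOnOrAfter="2026-03-01T12:05:00Z">
    <saml:AudienceRestriction><saml:Audience>{audience}</saml:Audience></saml:AudienceRestriction>
  </saml:Conditions>
</saml:Assertion>"""

# Constructed organization config and evaluation time used by the checks.
ACME = OrgSsoConfig("acme", "https://idp.acme.example/metadata", "https://sentry.example/saml/metadata/acme/",
                    {"alice@acme.example": "alice@acme.example"})
NOW = datetime(2026, 3, 1, 12, 0, tzinfo=timezone.utc)
```

An assertion from any issuer other than the organization's configured IdP, or one naming a different organization's audience, is rejected before email matching is ever consulted.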


Attack Scenario

A realistic attack chain looks like this:

  1. The target Sentry instance is identified as self-hosted and multi-organization.
  2. The victim’s email address is obtained (public GitHub profile, commit logs, support tickets, etc.).
  3. A malicious SAML Identity Provider is configured by the attacker.
  4. A forged SAML assertion is generated containing:
    • Victim’s email
    • Valid SAML structure
    • Proper timestamps
    • Attacker-controlled issuer
  5. The forged assertion is POSTed to the Sentry SAML endpoint.
  6. Due to insufficient issuer and binding validation, the assertion is accepted.
  7. A valid session is created for the victim account.

At that point, the attacker gains access to:

  • Projects
  • Error data
  • Secrets stored in stack traces
  • API keys
  • Organization settings
  • Potential integration tokens

If the victim has admin rights, full organizational compromise is possible.


Root Cause

The vulnerability is classified as:

  • CWE-287: Improper Authentication
  • Incomplete validation of SAML assertion issuer
  • Weak trust boundary enforcement in multi-organization deployments
  • Insufficient assertion-to-organization binding

This is not a cryptographic bypass. It is a logical trust validation flaw.


Conditions Required for Exploitation

Exploitation becomes feasible when:

  • Sentry is self-hosted.
  • Multiple organizations are hosted on the same instance.
  • Organization-level SSO configurations are mismanaged or overlapping.
  • Email-based identity matching is enabled.
  • User-level 2FA is not enforced.

SaaS deployments were patched by the vendor.


Proof of Concept (Educational)

No official exploit code has been publicly released. However, exploitation is technically straightforward.

A simplified conceptual PoC flow:

  1. Set up a SAML IdP using tools like:
    • samltest.id
    • python-saml libraries
    • Shibboleth test IdP
  2. Generate assertion with:
  3. POST base64-encoded SAMLResponse to:
POST /auth/sso/saml/complete/
Content-Type: application/x-www-form-urlencoded

SAMLResponse=<base64_assertion>

If the instance is vulnerable, login will succeed.

This information is provided strictly for defensive and educational use.


Exploitation Indicators

The following behavioral indicators may suggest compromise:

  • SAML assertions accepted from unknown or untrusted issuers.
  • SSO login events with no corresponding IdP authentication logs.
  • New session created for a user without an IdP trace.
  • Sudden API token generation after SSO login.
  • Cross-organization authentication anomalies.
  • SSO configuration modified unexpectedly.

Detection Strategy

Recommended Log Sources

  • Sentry application authentication logs
  • Web server / reverse proxy logs
  • SAML endpoint logs
  • Identity Provider logs (ADFS, Azure AD, Okta, etc.)
  • Audit logs for organization configuration changes
  • SIEM correlation events

Detection Queries

Splunk Query — Unknown SAML Issuer

index=web OR index=sentry
("POST /auth/sso/saml/complete" OR "POST /auth/sso/saml/consume")
| rex field=_raw "Issuer>(?<saml_issuer>[^<]+)<"
| search NOT saml_issuer IN ("https://trusted-idp.example.com")
| stats count by _time, src_ip, user, saml_issuer

The rex extraction only matches where the log records the decoded assertion (for example an application log that prints the Issuer element); the SAMLResponse form field in a raw proxy access log is base64-encoded and will not match. Replace the example issuer with the IdP entity ID configured for each organization.

Splunk Query — SSO Login Without IdP Event

index=sentry_logs event_type="sso_login_success"
| join type=left user [
    search index=idp_logs event_type="authentication_success"
    | rename _time as idp_time
    | fields user, idp_time
  ]
| where isnull(idp_time)

The left join keeps SSO logins that have no IdP row (an inner join would drop exactly the events of interest); run both searches over the same time window so a stale IdP event does not mask a login.

Elastic Query — Suspicious SAML POST

event.dataset:web AND 
http.request.method:POST AND
url.path:"/auth/sso/saml/complete" AND
NOT saml.issuer:"trusted-idp.example.com"

Elastic Query — Unusual API Token Creation After SSO

This one is an EQL sequence rather than KQL:

sequence by user.name with maxspan=5m
  [any where event.dataset == "sentry" and event.action == "sso_login_success"]
  [any where event.dataset == "sentry" and event.action == "api_token_created"]
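The two correlations behind the queries above (untrusted issuer, and SSO login with no preceding IdP authentication for the same user) as an added example run offline over constructed log lines; this is not Sentry's, Splunk's or Elastic's code, and the JSON field names (ts, event, user, issuer, src_ip) are assumptions rather than any real log schema.

```python
import json
from datetime import datetime, timedelta

TRUSTED_ISSUERS = {"https://trusted-idp.example.com"}   # the organization's configured IdP(s)
WINDOW = timedelta(minutes=5)                            # IdP auth must precede the SSO login within this

# Constructed sample logs; field names are assumptions, not a real Sentry or IdP schema.
SENTRY_LOG = """
{"ts":"2026-03-01T12:00:10Z","event":"sso_login_success","user":"alice@acme.example","issuer":"https://trusted-idp.example.com","src_ip":"10.0.0.5"}
{"ts":"2026-03-01T12:01:00Z","event":"sso_login_success","user":"bob@acme.example","issuer":"https://rogue-idp.example.net","src_ip":"203.0.113.9"}
{"ts":"2026-03-01T12:30:00Z","event":"sso_login_success","user":"carol@acme.example","issuer":"https://trusted-idp.example.com","src_ip":"198.51.100.7"}
""".strip().splitlines()
IDP_LOG = """
{"ts":"2026-03-01T12:00:05Z","event":"authentication_success","user":"alice@acme.example"}
{"ts":"2026-03-01T12:10:00Z","event":"authentication_success","user":"carol@acme.example"}
""".strip().splitlines()

def _ts(value: str) -> datetime:
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def find_suspicious_sso_logins(sentry_lines, idp_lines, trusted=TRUSTED_ISSUERS, window=WINDOW):
    """Return [(user, reason)] for SSO logins whose issuer is untrusted or that have no
    IdP authentication_success for the same user in the preceding window."""
    idp_auths = {}                                   # user -> timestamps of IdP authentications
    for line in idp_lines:
        rec = json.loads(line)
        if rec["event"] == "authentication_success":
            idp_auths.setdefault(rec["user"], []).append(_ts(rec["ts"]))
    findings = []
    for line in sentry_lines:
        rec = json.loads(line)
        if rec["event"] != "sso_login_success":
            continue
        when = _ts(rec["ts"])
        if rec.get("issuer") not in trusted:        # issuer check: only the configured IdP may log users in
            findings.append((rec["user"], f"untrusted issuer {rec.get('issuer')}"))
            continue
        # Correlation check: a trusted issuer still needs a matching IdP event shortly before the login.
        if not any(when - window <= t <= when for t in idp_auths.get(rec["user"], [])):
            findings.append((rec["user"], "no IdP authentication within window"))
    return findings
```

In the sample, alice is clean, bob is flagged on the issuer, and carol is flagged because her only IdP event is twenty minutes before the Sentry login.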

Incident Response Guidance

If exploitation is suspected:

  1. Immediately revoke all active sessions.
  2. Rotate API tokens and integration secrets.
  3. Review audit logs for:
    • Organization changes
    • SSO configuration modifications
  4. Force password reset and require 2FA.
  5. Upgrade to patched version immediately.

Mitigation

Until upgrade is completed:

  • Enforce user-level 2FA.
  • Restrict SSO configuration permissions.
  • Disable unused organizations.
  • Verify trusted IdP certificates.
  • Enable strict SAML issuer validation if configurable.

Official Patch

Upgrade immediately to:

Sentry version 26.2.0 or later

Official advisory and patch information:

https://github.com/getsentry/sentry/security/advisories/GHSA-ggmg-cqg6-j45g


Risk Assessment

Because authentication can be bypassed without credentials, the risk level is considered Critical. Confidentiality and integrity are fully impacted. Availability is not directly affected.

Organizations running multi-tenant Sentry environments face the highest risk exposure.


Final Recommendation

This vulnerability should be treated as an emergency patching priority.

Even though no public exploit is widely circulating, the attack method is straightforward for anyone familiar with SAML internals. Delaying remediation significantly increases the risk of silent account compromise.

Upgrade immediately, validate SSO trust configuration, and review authentication logs for anomalies.


Aegiron

Backed by 11+ years in cybersecurity and incident response, we decode the latest threats shaping today’s digital battlefield. This blog cuts through the noise with clear insights on vulnerabilities, emerging exploits, and the cyber news defenders can’t afford to miss.