diff --git a/rest_framework/authentication.py b/rest_framework/authentication.py
index f3fec05ec..36d74dd9b 100644
--- a/rest_framework/authentication.py
+++ b/rest_framework/authentication.py
@@ -129,7 +129,7 @@ class SessionAuthentication(BaseAuthentication):
         reason = CSRFCheck().process_view(request, None, (), {})
         if reason:
             # CSRF failed, bail with explicit error message
-            raise exceptions.AuthenticationFailed('CSRF Failed: %s' % reason)
+            raise exceptions.PermissionDenied('CSRF Failed: %s' % reason)
 
 
 class TokenAuthentication(BaseAuthentication):