CVE-2023-4320: Satellite: arithmetic overflow in satellite
First published: Mon Aug 14 2023(Updated: )
An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/satellite | <6.13 | 6.13 |
| Red Hat Network Satellite Server | <6.13 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-4320?
CVE-2023-4320 has been assessed as a high severity vulnerability due to its potential to allow indefinite personal access tokens creation.
How do I fix CVE-2023-4320?
To mitigate the effects of CVE-2023-4320, you should upgrade the Satellite software to version 6.13 or later.
Who is affected by CVE-2023-4320?
CVE-2023-4320 affects users of Red Hat Satellite version up to 6.13.
What impact does CVE-2023-4320 have on system integrity?
CVE-2023-4320 can compromise system integrity by allowing attackers to create personal access tokens that are valid indefinitely.
Is CVE-2023-4320 being actively exploited?
As of the latest information, there are no reports indicating that CVE-2023-4320 is actively being exploited in the wild.
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/title
- agent/author
- agent/weakness
- agent/severity
- agent/event
- agent/references
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-4320
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup-request
- package-manager/redhat
- vendor/redhat
- canonical/red hat network satellite server