CVE-2023-4320: Satellite: arithmetic overflow in satellite
First published: Mon Aug 14 2023(Updated: )
An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Satellite | <6.13 | |
| redhat/satellite | <6.13 | 6.13 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/references
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/title
- agent/author
- agent/weakness
- agent/severity
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-4320
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/redhat
- canonical/redhat satellite
- package-manager/redhat