Vulnerability Details CVE-2023-4320
An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.2%
CVSS Severity
CVSS v3 Score 7.6
References
- https://access.redhat.com/errata/RHSA-2024:2010
- https://access.redhat.com/security/cve/CVE-2023-4320
- https://bugzilla.redhat.com/show_bug.cgi?id=2231814
- https://access.redhat.com/errata/RHSA-2024:2010
- https://access.redhat.com/security/cve/CVE-2023-4320
- https://bugzilla.redhat.com/show_bug.cgi?id=2231814
Products affected by CVE-2023-4320
-
cpe:2.3:a:redhat:satellite:3.7
-
cpe:2.3:a:redhat:satellite:4.0
-
cpe:2.3:a:redhat:satellite:4.1
-
cpe:2.3:a:redhat:satellite:4.2
-
cpe:2.3:a:redhat:satellite:5
-
cpe:2.3:a:redhat:satellite:5.0
-
cpe:2.3:a:redhat:satellite:5.1
-
cpe:2.3:a:redhat:satellite:5.1.1
-
cpe:2.3:a:redhat:satellite:5.2
-
cpe:2.3:a:redhat:satellite:5.3
-
cpe:2.3:a:redhat:satellite:5.4
-
cpe:2.3:a:redhat:satellite:5.4.1
-
cpe:2.3:a:redhat:satellite:5.5
-
cpe:2.3:a:redhat:satellite:5.6
-
cpe:2.3:a:redhat:satellite:5.7
-
cpe:2.3:a:redhat:satellite:5.8
-
cpe:2.3:a:redhat:satellite:5.8.0
-
cpe:2.3:a:redhat:satellite:6.0
-
cpe:2.3:a:redhat:satellite:6.0.3
-
cpe:2.3:a:redhat:satellite:6.0.5
-
cpe:2.3:a:redhat:satellite:6.0.6
-
cpe:2.3:a:redhat:satellite:6.0.7
-
cpe:2.3:a:redhat:satellite:6.0.8
-
cpe:2.3:a:redhat:satellite:6.1
-
cpe:2.3:a:redhat:satellite:6.1.10
-
cpe:2.3:a:redhat:satellite:6.1.11
-
cpe:2.3:a:redhat:satellite:6.1.12
-
cpe:2.3:a:redhat:satellite:6.1.2
-
cpe:2.3:a:redhat:satellite:6.1.3
-
cpe:2.3:a:redhat:satellite:6.1.4
-
cpe:2.3:a:redhat:satellite:6.1.5
-
cpe:2.3:a:redhat:satellite:6.1.6
-
cpe:2.3:a:redhat:satellite:6.1.7
-
cpe:2.3:a:redhat:satellite:6.1.8
-
cpe:2.3:a:redhat:satellite:6.1.9
-
cpe:2.3:a:redhat:satellite:6.10
-
cpe:2.3:a:redhat:satellite:6.10.1
-
cpe:2.3:a:redhat:satellite:6.10.2
-
cpe:2.3:a:redhat:satellite:6.10.3
-
cpe:2.3:a:redhat:satellite:6.10.4
-
cpe:2.3:a:redhat:satellite:6.10.4-1
-
cpe:2.3:a:redhat:satellite:6.10.5
-
cpe:2.3:a:redhat:satellite:6.10.5-1
-
cpe:2.3:a:redhat:satellite:6.10.6
-
cpe:2.3:a:redhat:satellite:6.10.7
-
cpe:2.3:a:redhat:satellite:6.10.7.1
-
cpe:2.3:a:redhat:satellite:6.10.7.2
-
cpe:2.3:a:redhat:satellite:6.11
-
cpe:2.3:a:redhat:satellite:6.11.1
-
cpe:2.3:a:redhat:satellite:6.11.1.1
-
cpe:2.3:a:redhat:satellite:6.11.2
-
cpe:2.3:a:redhat:satellite:6.11.3
-
cpe:2.3:a:redhat:satellite:6.11.4
-
cpe:2.3:a:redhat:satellite:6.11.4.1
-
cpe:2.3:a:redhat:satellite:6.11.5
-
cpe:2.3:a:redhat:satellite:6.11.5.1
-
cpe:2.3:a:redhat:satellite:6.11.5.2
-
cpe:2.3:a:redhat:satellite:6.11.5.3
-
cpe:2.3:a:redhat:satellite:6.11.5.4
-
cpe:2.3:a:redhat:satellite:6.12
-
cpe:2.3:a:redhat:satellite:6.12.1
-
cpe:2.3:a:redhat:satellite:6.12.2
-
cpe:2.3:a:redhat:satellite:6.12.3
-
cpe:2.3:a:redhat:satellite:6.12.4
-
cpe:2.3:a:redhat:satellite:6.12.4.1
-
cpe:2.3:a:redhat:satellite:6.12.5
-
cpe:2.3:a:redhat:satellite:6.2
-
cpe:2.3:a:redhat:satellite:6.2.1
-
cpe:2.3:a:redhat:satellite:6.2.10
-
cpe:2.3:a:redhat:satellite:6.2.11
-
cpe:2.3:a:redhat:satellite:6.2.12
-
cpe:2.3:a:redhat:satellite:6.2.13
-
cpe:2.3:a:redhat:satellite:6.2.14
-
cpe:2.3:a:redhat:satellite:6.2.15
-
cpe:2.3:a:redhat:satellite:6.2.16
-
cpe:2.3:a:redhat:satellite:6.2.2
-
cpe:2.3:a:redhat:satellite:6.2.3
-
cpe:2.3:a:redhat:satellite:6.2.4
-
cpe:2.3:a:redhat:satellite:6.2.5
-
cpe:2.3:a:redhat:satellite:6.2.6
-
cpe:2.3:a:redhat:satellite:6.2.7
-
cpe:2.3:a:redhat:satellite:6.2.8
-
cpe:2.3:a:redhat:satellite:6.2.9
-
cpe:2.3:a:redhat:satellite:6.3
-
cpe:2.3:a:redhat:satellite:6.3.1
-
cpe:2.3:a:redhat:satellite:6.3.2
-
cpe:2.3:a:redhat:satellite:6.3.3
-
cpe:2.3:a:redhat:satellite:6.3.4
-
cpe:2.3:a:redhat:satellite:6.3.5
-
cpe:2.3:a:redhat:satellite:6.4
-
cpe:2.3:a:redhat:satellite:6.4.1
-
cpe:2.3:a:redhat:satellite:6.4.2
-
cpe:2.3:a:redhat:satellite:6.4.3
-
cpe:2.3:a:redhat:satellite:6.4.4
-
cpe:2.3:a:redhat:satellite:6.5
-
cpe:2.3:a:redhat:satellite:6.5.1
-
cpe:2.3:a:redhat:satellite:6.5.2
-
cpe:2.3:a:redhat:satellite:6.5.3
-
cpe:2.3:a:redhat:satellite:6.6
-
cpe:2.3:a:redhat:satellite:6.6.1
-
cpe:2.3:a:redhat:satellite:6.6.2
-
cpe:2.3:a:redhat:satellite:6.6.3
-
cpe:2.3:a:redhat:satellite:6.7
-
cpe:2.3:a:redhat:satellite:6.7.1
-
cpe:2.3:a:redhat:satellite:6.7.2
-
cpe:2.3:a:redhat:satellite:6.7.3
-
cpe:2.3:a:redhat:satellite:6.7.4
-
cpe:2.3:a:redhat:satellite:6.7.5
-
cpe:2.3:a:redhat:satellite:6.8
-
cpe:2.3:a:redhat:satellite:6.8.1
-
cpe:2.3:a:redhat:satellite:6.8.2
-
cpe:2.3:a:redhat:satellite:6.8.3
-
cpe:2.3:a:redhat:satellite:6.8.4
-
cpe:2.3:a:redhat:satellite:6.8.5
-
cpe:2.3:a:redhat:satellite:6.8.6
-
cpe:2.3:a:redhat:satellite:6.9
-
cpe:2.3:a:redhat:satellite:6.9.1
-
cpe:2.3:a:redhat:satellite:6.9.10
-
cpe:2.3:a:redhat:satellite:6.9.2
-
cpe:2.3:a:redhat:satellite:6.9.3
-
cpe:2.3:a:redhat:satellite:6.9.4
-
cpe:2.3:a:redhat:satellite:6.9.5
-
cpe:2.3:a:redhat:satellite:6.9.6
-
cpe:2.3:a:redhat:satellite:6.9.7
-
cpe:2.3:a:redhat:satellite:6.9.8
-
cpe:2.3:a:redhat:satellite:6.9.9