CVE-2023-4320
Published: 2023-12-18
Priority: P1 (84) · Severity: high · CVSS 3.1: 7.5
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Flags: ITW (exploited in the wild) · VulnCheck KEV · Ransomware
EPSS: 0.53% (40.7th percentile)
An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | satellite | < 6.13 | 6.13 |
Detection & IOCs (extracted from sources)
- Monitor for personal access tokens created with expiration dates far in the future or effectively non-expiring (indefinite validity), which may indicate exploitation of the arithmetic overflow flaw in Satellite's token creation logic.
- The arithmetic overflow is triggered specifically during the creation of a new personal access token in Red Hat Satellite; review and audit all existing personal access tokens for anomalous or indefinite expiry values.
CVSS provenance
- nvd: v3.1, 7.5 HIGH, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
- vulncheck: 7.6 HIGH
- vendor_redhat: 7.6 HIGH
GHSA
GHSA-7v43-v54c-p26h (ghsa_unreviewed, 2023-12-30): CVE-2023-4320 [HIGH] CWE-613
An arithmetic overflow flaw was found in Satellite when creating a new personal access token
VulnCheck
Red Hat satellite Insufficient Session Expiration (vulncheck, 2023, CVSS 7.6): CVE-2023-4320 [HIGH]
Affected: Red Hat satellite
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Known Ransomware Campaign Use: Known
Exploitation References: https://censys.com/state-of-internet-of-healthcare-things/
Red Hat
satellite: arithmetic overflow in satellite (vendor_redhat, 2023-08-14, CVSS 7.6): CVE-2023-4320 [HIGH] CWE-613
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
- https://access.redhat.com/errata/RHSA-2024:2010
- https://access.redhat.com/security/cve/CVE-2023-4320
- https://bugzilla.redhat.com/show_bug.cgi?id=2231814