CVE-2023-4320 - OpenCVE

An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Redhat	Satellite

Configuration 1 [-]

cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*

References

Link	Resource
https://access.redhat.com/errata/RHSA-2024:2010
https://access.redhat.com/security/cve/CVE-2023-4320	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2231814	Issue Tracking

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2023-12-18T13:43:07.747Z

Updated: 2024-05-01T20:21:08.549Z

Reserved: 2023-08-14T08:42:02.181Z

Link: CVE-2023-4320

JSON object: View

NVD Information

Status : Modified

Published: 2023-12-18T14:15:09.830

Modified: 2024-04-25T14:15:09.280

Link: CVE-2023-4320

JSON object: View

Redhat Information

No data.

CWE

CWE-613

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-4320", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2023-08-14T08:42:02.181Z", "datePublished": "2023-12-18T13:43:07.747Z", "dateUpdated": "2024-05-01T20:21:08.549Z"}, "containers": {"cna": {"title": "Satellite: arithmetic overflow in satellite", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity."}], "affected": [{"vendor": "Red Hat", "product": "Red Hat Satellite 6.15 for RHEL 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "foreman", "defaultStatus": "affected", "versions": [{"version": "0:3.9.1.6-1.el8sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_utils:6.15::el8", "cpe:/a:redhat:satellite:6.15::el8", "cpe:/a:redhat:satellite_maintenance:6.15::el8", "cpe:/a:redhat:satellite_capsule:6.15::el8"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6.15 for RHEL 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "foreman", "defaultStatus": "affected", "versions": [{"version": "0:3.9.1.6-1.el8sat", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:satellite_utils:6.15::el8", "cpe:/a:redhat:satellite:6.15::el8", "cpe:/a:redhat:satellite_maintenance:6.15::el8", "cpe:/a:redhat:satellite_capsule:6.15::el8"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:2010", "name": "RHSA-2024:2010", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2023-4320", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231814", "name": "RHBZ#2231814", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "datePublic": "2023-08-14T09:03:00+00:00", "problemTypes": [{"descriptions": [{"cweId": "CWE-613", "description": "Insufficient Session Expiration", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-613: Insufficient Session Expiration", "timeline": [{"lang": "en", "time": "2023-08-14T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2023-08-14T09:03:00+00:00", "value": "Made public."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2024-05-01T20:21:08.549Z"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*", "matchCriteriaId": "483E41DC-50A4-4584-9338-DFB432991501", "versionEndExcluding": "6.13", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity."}, {"lang": "es", "value": "Se encontr\u00f3 una falla de desbordamiento aritm\u00e9tico en Satellite al crear un nuevo token de acceso personal. Esta falla permite a un atacante que utiliza este desbordamiento aritm\u00e9tico crear tokens de acceso personal que son v\u00e1lidos indefinidamente, lo que da\u00f1a la integridad del sistema."}], "id": "CVE-2023-4320", "lastModified": "2024-04-25T14:15:09.280", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.7, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2023-12-18T14:15:09.830", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:2010"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-4320"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231814"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-613"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-613"}], "source": "secalert@redhat.com", "type": "Secondary"}]}