CVE-2023-4320 Satellite: arithmetic overflow in satellite

🗓️ 18 Dec 2023 13:43:07Reported by redhatType

Arithmetic overflow in Satellite access token

Reporter	Title	Published	Views	Family All 16
AlpineLinux	CVE-2023-4320	18 Dec 202313:43	–	alpinelinux
Circl	CVE-2023-4320	30 Aug 202512:19	–	circl
CNNVD	Red Hat Satellite Security Vulnerability	14 Aug 202300:00	–	cnnvd
CVE	CVE-2023-4320	18 Dec 202313:43	–	cve
EUVD	EUVD-2023-54186	3 Oct 202520:07	–	euvd
NVD	CVE-2023-4320	18 Dec 202314:15	–	nvd
OSV	CVE-2023-4320	18 Dec 202314:15	–	osv
OSV	RHSA-2024:2010 Red Hat Security Advisory: Satellite 6.15.0 release	30 Sep 202415:58	–	osv
Prion	Buffer overflow	18 Dec 202314:15	–	prion
Positive Technologies	PT-2023-28731 · Satellite · Satellite	14 Aug 202300:00	–	ptsecurity

[
  {
    "vendor": "Red Hat",
    "product": "Red Hat Satellite 6.15 for RHEL 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "foreman",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:3.9.1.6-1.el8sat",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:satellite_utils:6.15::el8",
      "cpe:/a:redhat:satellite_capsule:6.15::el8",
      "cpe:/a:redhat:satellite:6.15::el8",
      "cpe:/a:redhat:satellite_maintenance:6.15::el8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Satellite 6.15 for RHEL 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "foreman",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:3.9.1.6-1.el8sat",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:satellite_utils:6.15::el8",
      "cpe:/a:redhat:satellite_capsule:6.15::el8",
      "cpe:/a:redhat:satellite:6.15::el8",
      "cpe:/a:redhat:satellite_maintenance:6.15::el8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Satellite 6.15 for RHEL 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "foreman",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:3.9.1.6-1.el8sat",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:satellite_utils:6.15::el8",
      "cpe:/a:redhat:satellite_capsule:6.15::el8",
      "cpe:/a:redhat:satellite:6.15::el8",
      "cpe:/a:redhat:satellite_maintenance:6.15::el8"
    ]
  }
]

Source	Link
access	www.access.redhat.com/security/cve/CVE-2023-4320
access	www.access.redhat.com/errata/RHSA-2024:2010
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

20 Nov 2025 18:27Current

7.7High risk

Vulners AI Score7.7

CVSS 3.17.6

EPSS0.0053

CWE-613