PT-2023-28731 · Satellite · Satellite

Vipul Nair

Publicado

2023-08-14

Atualizado

2024-04-25

CVE-2023-4320

CVSS v3.1

7.6

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L

Name of the Vulnerable Software and Affected Versions Satellite (affected versions not specified)

Description An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Insufficient Session Expiration

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-613

Identificadores relacionados

CVE-2023-4320

RHSA-2024:2010

Produtos afetados

Satellite

PT-2023-28731 · Satellite · Satellite

CVE-2023-4320

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9