CVE-2023-4320

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 18, 2023

Updated: Apr 25, 2024

CWE ID 78

CWE ID 502

Summary

CVE-2023-4320 is an arithmetic overflow vulnerability discovered in Satellite's token creation process. By exploiting this flaw, an attacker can generate personal access tokens that are indefinitely valid, potentially leading to system integrity damage. This issue arises from an arithmetic operation that overflows, allowing an attacker to manipulate token expiration. The impact of this vulnerability underscores the importance of secure token management and timely software updates.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Mirth Connect

Affected Vendors

NextGen

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/suNPSE
https://www.cve.org/CVERecord?id=CVE-2023-4320
https://nvd.nist.gov/vuln/detail/CVE-2023-4320

Back to Vulnerability Database