Описание
Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command.
Ссылки
- ExploitThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.8.20 (включая)
Одно из
cpe:2.3:a:redislabs:redis:*:*:*:*:*:*:*:*
cpe:2.3:a:redislabs:redis:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redislabs:redis:3.0.1:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.0712
Низкий
10 Critical
CVSS2
Дефекты
CWE-17
Связанные уязвимости
ubuntu
больше 10 лет назад
Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command.
redhat
больше 10 лет назад
Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command.
debian
больше 10 лет назад
Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to ex ...
github
больше 3 лет назад
Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command.
fstec
больше 10 лет назад
Уязвимость системы управления базами данных Redis, позволяющая нарушителю выполнить произвольный Lua-байт-код
EPSS
Процентиль: 91%
0.0712
Низкий
10 Critical
CVSS2
Дефекты
CWE-17