Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-51741

Опубликовано: 06 янв. 2025
Источник: redhat
CVSS3: 4.4
EPSS Низкий

Описание

Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem is fixed in Redis 7.2.7 and 7.4.2.

A flaw was found in the Redis server. An authenticated attacker with sufficient privileges can create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service.

Отчет

This vulnerability affects Redis versions 7.0.0 or newer.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
OpenShift Lightspeedopenshift-lightspeed-tech-preview/lightspeed-service-api-rhel9Not affected
Red Hat 3scale API Management Platform 23scale-amp-backend-containerNot affected
Red Hat 3scale API Management Platform 23scale-amp-system-containerNot affected
Red Hat Ansible Automation Platform 1.2ansible-towerNot affected
Red Hat Discoverydiscovery-server-containerNot affected
Red Hat Enterprise Linux 8redis:6/redisNot affected
Red Hat Enterprise Linux 9redisNot affected
Red Hat Enterprise Linux AI (RHEL AI)rhelai1/bootc-amd-rhel9Not affected
Red Hat Enterprise Linux AI (RHEL AI)rhelai1/bootc-azure-amd-rhel9Not affected
Red Hat Enterprise Linux AI (RHEL AI)rhelai1/instructlab-amd-rhel9Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-20
https://bugzilla.redhat.com/show_bug.cgi?id=2336007redis: Redis allows denial-of-service due to malformed ACL selectors

EPSS

Процентиль: 21%
0.00067
Низкий

4.4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-51741

CVSS3: 4.4
ubuntu
6 месяцев назад

Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem is fixed in Redis 7.2.7 and 7.4.2.

nvd логотип

CVE-2024-51741

CVSS3: 4.4
nvd
6 месяцев назад

Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem is fixed in Redis 7.2.7 and 7.4.2.

msrc логотип

CVE-2024-51741

CVSS3: 4.4
msrc
5 месяцев назад

Описание отсутствует

debian логотип

CVE-2024-51741

CVSS3: 4.4
debian
6 месяцев назад

Redis is an open source, in-memory database that persists on disk. An ...

fstec логотип

BDU:2025-00449

CVSS3: 4.4
fstec
8 месяцев назад

Уязвимость системы управления базами данных Redis, связанная с недостаточной проверкой входных данных, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 21%
0.00067
Низкий

4.4 Medium

CVSS3

Уязвимость CVE-2024-51741