CVE-2023-22458

Redis is an in-memory database that persists on disk. Authenticated users can issue a `HRANDFIELD` or `ZRANDMEMBER` command with specially crafted arguments to trigger a denial-of-service by crashing Redis with an assertion failure. This problem affects Redis versions 6.2 or newer up to but not including 6.2.9 as well as versions 7.0 up to but not including 7.0.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS v3.0 5.5 MEDIUM

5.5^/10

CVSS v3.0 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/redis/redis/security/advisories/GHSA-r8w2-2m53-gprj	Third Party Advisory
https://github.com/redis/redis/commit/16f408b1a0121cacd44cbf8aee275d69dc627f02	Patch Third Party Advisory
https://github.com/redis/redis/releases/tag/6.2.9	Release Notes Third Party Advisory
https://github.com/redis/redis/releases/tag/7.0.8	Release Notes Third Party Advisory

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:redis:redis::::::::
	cpe:2.3:a:redis:redis::::::::

Information

Published : 2023-01-20 11:15

Updated : 2023-02-02 06:23

NVD link : CVE-2023-22458

Mitre link : CVE-2023-22458

JSON object : View

CWE

CWE-190

Integer Overflow or Wraparound

Advertisement

Products Affected

redis

redis

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/redis/redis/security/advisories/GHSA-r8w2-2m53-gprj", "name": "https://github.com/redis/redis/security/advisories/GHSA-r8w2-2m53-gprj", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "https://github.com/redis/redis/commit/16f408b1a0121cacd44cbf8aee275d69dc627f02", "name": "https://github.com/redis/redis/commit/16f408b1a0121cacd44cbf8aee275d69dc627f02", "tags": ["Patch", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://github.com/redis/redis/releases/tag/6.2.9", "name": "https://github.com/redis/redis/releases/tag/6.2.9", "tags": ["Release Notes", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://github.com/redis/redis/releases/tag/7.0.8", "name": "https://github.com/redis/redis/releases/tag/7.0.8", "tags": ["Release Notes", "Third Party Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Redis is an in-memory database that persists on disk. Authenticated users can issue a `HRANDFIELD` or `ZRANDMEMBER` command with specially crafted arguments to trigger a denial-of-service by crashing Redis with an assertion failure. This problem affects Redis versions 6.2 or newer up to but not including 6.2.9 as well as versions 7.0 up to but not including 7.0.8. Users are advised to upgrade. There are no known workarounds for this vulnerability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-190"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2023-22458", "ASSIGNER": "security-advisories@github.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}}, "publishedDate": "2023-01-20T19:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.2.9", "versionStartIncluding": "6.2.0"}, {"cpe23Uri": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "7.0.8", "versionStartIncluding": "7.0.0"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2023-02-02T14:23Z"}