PT-2023-6897 · Redis · Redisgraph

Ashitakaakasaka

Publicado

2023-09-08

Atualizado

2023-11-16

CVE-2023-47004

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions RedisGraph versions 2.x through 2.12.8

Description The issue is related to a buffer overflow in the RedisGraph database, which can be exploited by a remote attacker to execute arbitrary code after valid authentication. This can occur due to the code logic allowing an operation to exceed memory buffer boundaries.

Recommendations For versions 2.x through 2.12.8, update to version 2.12.9 to resolve the issue.

Exploit

Correção

Buffer Overflow

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119CWE-787CWE-120

Identificadores relacionados

BDU:2023-07915

CVE-2023-47004

Produtos afetados

Redisgraph

PT-2023-6897 · Redis · Redisgraph

CVE-2023-47004

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 11