PT-2023-6897 · Redis · Redisgraph
Ashitakaakasaka
·
Published
2023-09-08
·
Updated
2023-11-16
·
CVE-2023-47004
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
RedisGraph versions 2.x through 2.12.8
Description
The issue is related to a buffer overflow in the RedisGraph database, which can be exploited by a remote attacker to execute arbitrary code after valid authentication. This can occur due to the code logic allowing an operation to exceed memory buffer boundaries.
Recommendations
For versions 2.x through 2.12.8, update to version 2.12.9 to resolve the issue.
Exploit
Fix
Buffer Overflow
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Redisgraph