Description

Redis is an open source in-memory data structure storage

Redis is designed to be accessed by trusted clients inside trusted environments. It's not recommended to have Redis service publicly accessible.

Remediation

It's recommended to restrict access to this service on production systems

References

Redis Security

Related Vulnerabilities

Microsoft IIS WebDAV authentication bypass

WordPress Plugin Easy Author Image Information Disclosure (1.5)

Jenkins open user registration

PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-15132)

phpMyFAQ Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-6048)

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration