Description

Redis is an open source in-memory data structure storage

Redis is designed to be accessed by trusted clients inside trusted environments. It's not recommended to have Redis service publicly accessible.

Remediation

It's recommended to restrict access to this service on production systems

References

Redis Security

Related Vulnerabilities

Virtual Host locations misconfiguration

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Vulnerabilities (3.4.33)

WordPress Plugin Backup Migration Information Disclosure (1.3.5)

YOURLS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3824)

Jenkins weak password

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration