Description

Redis is an open source in-memory data structure storage

Redis is designed to be accessed by trusted clients inside trusted environments. It's not recommended to have Redis service publicly accessible.

Remediation

It's recommended to restrict access to this service on production systems

References

Redis Security

Related Vulnerabilities

Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-18679)

Application is Vulnerable to the JWT Alg None Attack

Vulnerable project dependencies

SAP Management Console get user list

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-25703)

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration