Vulnerabilites related to netapp - management_services_for_netapp_hci
Vulnerability from fkie_nvd
Published
2021-10-12 18:15
Modified
2024-11-21 06:22
Severity ?
Summary
A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
samba | samba | * | |
samba | samba | * | |
debian | debian_linux | 10.0 | |
debian | debian_linux | 11.0 | |
netapp | management_services_for_element_software | - | |
netapp | management_services_for_netapp_hci | - | |
netapp | ontap_select_deploy_administration_utility | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", matchCriteriaId: "AE0BDAA5-2AEC-40FD-A355-571DB1F7E49B", versionEndExcluding: "4.13.12", vulnerable: true, }, { criteria: "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", matchCriteriaId: "A4749057-1B17-4E8E-A26E-0C2E2A6EA0BA", versionEndExcluding: "4.14.8", versionStartIncluding: "4.14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "86B51137-28D9-41F2-AFA2-3CC22B4954D1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "4455CF3A-CC91-4BE4-A7AB-929AC82E34F5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.", }, { lang: "es", value: "Se ha encontrado una desreferencia de puntero null en la forma en que el servidor kerberos de Samba manejaba el sname faltante en TGS-REQ (Ticket Granting Server - Request). Un usuario autenticado podría usar este fallo para bloquear el servidor samba", }, ], id: "CVE-2021-3671", lastModified: "2024-11-21T06:22:07.473", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-10-12T18:15:08.357", references: [ { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2013080%2C", }, { source: "secalert@redhat.com", url: "https://bugzilla.samba.org/show_bug.cgi?id=14770%2C", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/11/msg00034.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221215-0002/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5287", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2013080%2C", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.samba.org/show_bug.cgi?id=14770%2C", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/11/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221215-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230216-0008/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5287", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-11-09 22:15
Modified
2025-01-02 22:15
Severity ?
Summary
Windows Kerberos Elevation of Privilege Vulnerability
References
▼ | URL | Tags | |
---|---|---|---|
secure@microsoft.com | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37967 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37967 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202309-06 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", matchCriteriaId: "5F422A8C-2C4E-42C8-B420-E0728037E15C", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", matchCriteriaId: "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", matchCriteriaId: "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", matchCriteriaId: "DB18C4CE-5917-401E-ACF7-2747084FD36E", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", matchCriteriaId: "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", matchCriteriaId: "DB79EE26-FC32-417D-A49C-A1A63165A968", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", matchCriteriaId: "821614DD-37DD-44E2-A8A4-FE8D23A33C3C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", matchCriteriaId: "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "86B51137-28D9-41F2-AFA2-3CC22B4954D1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "4455CF3A-CC91-4BE4-A7AB-929AC82E34F5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", matchCriteriaId: "703773B3-EE5B-41F5-A2D9-B56F96B8793D", versionEndExcluding: "4.15.13", vulnerable: true, }, { criteria: "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", matchCriteriaId: "10AA6759-95FC-47A6-AA92-342893A2B23E", versionEndExcluding: "4.16.8", versionStartIncluding: "4.16.0", vulnerable: true, }, { criteria: "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", matchCriteriaId: "96E911B3-B4DD-451C-9579-74559328F89F", versionEndExcluding: "4.17.4", versionStartIncluding: "4.17.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Windows Kerberos Elevation of Privilege Vulnerability", }, { lang: "es", value: "Vulnerabilidad de elevación de privilegios de Kerberos en Windows", }, ], id: "CVE-2022-37967", lastModified: "2025-01-02T22:15:10.010", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "secure@microsoft.com", type: "Primary", }, ], }, published: "2022-11-09T22:15:14.590", references: [ { source: "secure@microsoft.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37967", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37967", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202309-06", }, ], sourceIdentifier: "secure@microsoft.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-10-04 18:15
Modified
2024-11-21 06:07
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redis | redis | * | |
redis | redis | * | |
redis | redis | * | |
redhat | software_collections | - | |
redhat | enterprise_linux | 8.0 | |
debian | debian_linux | 10.0 | |
debian | debian_linux | 11.0 | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 | |
fedoraproject | fedora | 35 | |
netapp | management_services_for_element_software | - | |
netapp | management_services_for_netapp_hci | - | |
oracle | communications_operations_monitor | 4.3 | |
oracle | communications_operations_monitor | 4.4 | |
oracle | communications_operations_monitor | 5.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "B1D84464-9B7F-437E-8259-660417BE088D", versionEndExcluding: "5.0.14", versionStartIncluding: "3.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "02DF8086-645E-4D42-93D3-A4B11D289C7C", versionEndExcluding: "6.0.16", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "4686800E-16BA-42CE-B691-011D1D5D0CC2", versionEndExcluding: "6.2.6", versionStartIncluding: "6.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:software_collections:-:*:*:*:*:*:*:*", matchCriteriaId: "749804DA-4B27-492A-9ABA-6BB562A6B3AC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "86B51137-28D9-41F2-AFA2-3CC22B4954D1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "4455CF3A-CC91-4BE4-A7AB-929AC82E34F5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", matchCriteriaId: "CBE1A019-7BB6-4226-8AC4-9D6927ADAEFA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", matchCriteriaId: "B98BAEB2-A540-4E8A-A946-C4331B913AFD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8FBE260-E306-4215-80C0-D2D27CA43E0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14.", }, { lang: "es", value: "Redis es una base de datos en memoria de código abierto que persiste en el disco. Cuando es usado el depurador Lua de Redis, unos usuarios pueden enviar peticiones malformadas que causan que el analizador de protocolo del depurador lea datos más allá del búfer real. Este problema afecta a todas las versiones de Redis con soporte de depuración Lua (3.2 o más reciente). El problema es corregido en las versiones 6.2.6, 6.0.16 y 5.0.14", }, ], id: "CVE-2021-32672", lastModified: "2024-11-21T06:07:30.103", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 3.6, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-10-04T18:15:08.780", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/redis/redis/commit/6ac3c0b7abd35f37201ed2d6298ecef4ea1ae1dd", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/redis/redis/security/advisories/GHSA-9mj9-xx53-qmxm", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-17", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/redis/redis/commit/6ac3c0b7abd35f37201ed2d6298ecef4ea1ae1dd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/redis/redis/security/advisories/GHSA-9mj9-xx53-qmxm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-10-04 18:15
Modified
2024-11-21 06:07
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol (RESP) request, Redis allocates memory according to user-specified values which determine the number of elements (in the multi-bulk header) and size of each element (in the bulk header). An attacker delivering specially crafted requests over multiple connections can cause the server to allocate significant amount of memory. Because the same parsing mechanism is used to handle authentication requests, this vulnerability can also be exploited by unauthenticated users. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14. An additional workaround to mitigate this problem without patching the redis-server executable is to block access to prevent unauthenticated users from connecting to Redis. This can be done in different ways: Using network access control tools like firewalls, iptables, security groups, etc. or Enabling TLS and requiring users to authenticate using client side certificates.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redis | redis | * | |
redis | redis | * | |
redis | redis | * | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 | |
fedoraproject | fedora | 35 | |
debian | debian_linux | 10.0 | |
debian | debian_linux | 11.0 | |
netapp | management_services_for_element_software | - | |
netapp | management_services_for_netapp_hci | - | |
oracle | communications_operations_monitor | 4.3 | |
oracle | communications_operations_monitor | 4.4 | |
oracle | communications_operations_monitor | 5.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "D5D64A76-B253-4A64-8AA2-DD8815CB3CF8", versionEndExcluding: "5.0.14", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "02DF8086-645E-4D42-93D3-A4B11D289C7C", versionEndExcluding: "6.0.16", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "4686800E-16BA-42CE-B691-011D1D5D0CC2", versionEndExcluding: "6.2.6", versionStartIncluding: "6.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "86B51137-28D9-41F2-AFA2-3CC22B4954D1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "4455CF3A-CC91-4BE4-A7AB-929AC82E34F5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", matchCriteriaId: "CBE1A019-7BB6-4226-8AC4-9D6927ADAEFA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", matchCriteriaId: "B98BAEB2-A540-4E8A-A946-C4331B913AFD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8FBE260-E306-4215-80C0-D2D27CA43E0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol (RESP) request, Redis allocates memory according to user-specified values which determine the number of elements (in the multi-bulk header) and size of each element (in the bulk header). An attacker delivering specially crafted requests over multiple connections can cause the server to allocate significant amount of memory. Because the same parsing mechanism is used to handle authentication requests, this vulnerability can also be exploited by unauthenticated users. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14. An additional workaround to mitigate this problem without patching the redis-server executable is to block access to prevent unauthenticated users from connecting to Redis. This can be done in different ways: Using network access control tools like firewalls, iptables, security groups, etc. or Enabling TLS and requiring users to authenticate using client side certificates.", }, { lang: "es", value: "Redis es una base de datos en memoria de código abierto que persiste en el disco. Cuando es analizada una petición entrante del Protocolo Estándar de Redis (RESP), Redis asigna la memoria de acuerdo con los valores especificados por el usuario, que determinan el número de elementos (en el encabezado multi-bulk) y el tamaño de cada elemento (en el encabezado bulk). Un atacante que envíe peticiones especialmente diseñadas a través de múltiples conexiones puede causar que el servidor asigne una cantidad significativa de memoria. Debido a que el mismo mecanismo de análisis es usado para manejar las peticiones de autenticación, esta vulnerabilidad también puede ser explotada por usuarios no autenticados. El problema se ha corregido en las versiones de Redis 6.2.6, 6.0.16 y 5.0.14. Una solución adicional para mitigar este problema sin necesidad de parchear el ejecutable del servidor Redis es bloquear el acceso para evitar que los usuarios no autentificados se conecten a Redis. Esto puede hacerse de diferentes maneras: Usando herramientas de control de acceso a la red como firewalls, iptables, grupos de seguridad, etc. o Habilitando TLS y requiriendo que los usuarios se autentiquen usando certificados del lado del cliente", }, ], id: "CVE-2021-32675", lastModified: "2024-11-21T06:07:30.460", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-10-04T18:15:08.923", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/redis/redis/commit/5674b0057ff2903d43eaff802017eddf37c360f8", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/redis/redis/security/advisories/GHSA-f6pw-v9gw-v64p", }, { source: "security-advisories@github.com", url: "https://lists.apache.org/thread.html/ra603ff6e04549d7f290f61f9b11e2d2e4dba693b05ff053f4ec6bc47%40%3Cnotifications.geode.apache.org%3E", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-17", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/redis/redis/commit/5674b0057ff2903d43eaff802017eddf37c360f8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/redis/redis/security/advisories/GHSA-f6pw-v9gw-v64p", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/ra603ff6e04549d7f290f61f9b11e2d2e4dba693b05ff053f4ec6bc47%40%3Cnotifications.geode.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-770", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-770", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-07-25 21:15
Modified
2025-02-13 13:50
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:certifi:certifi:*:*:*:*:*:python:*:*", matchCriteriaId: "2FF2392F-9661-448D-BE25-4AD98BD5D808", versionEndExcluding: "2023.7.22", versionStartIncluding: "2015.4.28", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", matchCriteriaId: "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*", matchCriteriaId: "E8F29E19-3A64-4426-A2AA-F169440267CC", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", matchCriteriaId: "B55E8D50-99B4-47EC-86F9-699B67D473CE", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "86B51137-28D9-41F2-AFA2-3CC22B4954D1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "4455CF3A-CC91-4BE4-A7AB-929AC82E34F5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_mediator:-:*:*:*:*:*:*:*", matchCriteriaId: "19DD87DA-6999-4B38-B953-BEC49760F2BF", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:solidfire_\\&_hci_storage_node:-:*:*:*:*:*:*:*", matchCriteriaId: "D452B464-1200-4B72-9A89-42DC58486191", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes \"e-Tugra\" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from \"e-Tugra\" from the root store.", }, ], id: "CVE-2023-37920", lastModified: "2025-02-13T13:50:15.813", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-07-25T21:15:10.827", references: [ { source: "security-advisories@github.com", tags: [ "Patch", ], url: "https://github.com/certifi/python-certifi/commit/8fb96ed81f71e7097ed11bc4d9b19afd7ea5c909", }, { source: "security-advisories@github.com", tags: [ "Vendor Advisory", ], url: "https://github.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/C-HrP1SEq1A", }, { source: "security-advisories@github.com", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EX6NG7WUFNUKGFHLM35KHHU3GAKXRTG/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/certifi/python-certifi/commit/8fb96ed81f71e7097ed11bc4d9b19afd7ea5c909", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/C-HrP1SEq1A", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EX6NG7WUFNUKGFHLM35KHHU3GAKXRTG/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240912-0002/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-345", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-345", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-07 22:15
Modified
2025-02-12 17:36
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being removed from Mozilla's trust store. TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of Mozilla's investigation can be found in the linked google group discussion.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
certifi | certifi | * | |
netapp | e-series_performance_analyzer | - | |
netapp | management_services_for_element_software | - | |
netapp | management_services_for_netapp_hci | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:certifi:certifi:*:*:*:*:*:python:*:*", matchCriteriaId: "A9A9E60B-C4BA-4FA7-9EDF-26C0F2433F5D", versionEndExcluding: "2022.12.7", versionStartIncluding: "2017.11.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*", matchCriteriaId: "24B8DB06-590A-4008-B0AB-FCD1401C77C6", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "86B51137-28D9-41F2-AFA2-3CC22B4954D1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "4455CF3A-CC91-4BE4-A7AB-929AC82E34F5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from \"TrustCor\" from the root store. These are in the process of being removed from Mozilla's trust store. TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of Mozilla's investigation can be found in the linked google group discussion.", }, { lang: "es", value: "Certifi es una colección seleccionada de Root Certificates para validar la confiabilidad de los certificados SSL mientras se verifica la identidad de los hosts TLS. Certifi 2022.12.07 elimina los certificados raíz de \"TrustCor\" del almacén raíz. Estos están en proceso de ser eliminados del almacén de confianza de Mozilla. Los certificados raíz de TrustCor se están eliminando de conformidad con una investigación impulsada por los medios de comunicación que informaron que la propiedad de TrustCor también operaba un negocio que producía software espía. Las conclusiones de la investigación de Mozilla se pueden encontrar en el grupo de discusión de Google vinculado.", }, ], id: "CVE-2022-23491", lastModified: "2025-02-12T17:36:19.373", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 4, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-07T22:15:09.870", references: [ { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230223-0010/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-345", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-345", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-17 15:15
Modified
2024-11-21 07:47
Severity ?
Summary
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", matchCriteriaId: "CC324629-0240-4DC0-BAFA-D476D5FDDA61", versionEndExcluding: "3.7.17", vulnerable: true, }, { criteria: "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", matchCriteriaId: "0A6B1607-9E1F-4A14-918F-B1A1786D028E", versionEndExcluding: "3.8.17", versionStartIncluding: "3.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", matchCriteriaId: "0287FC5A-256F-40EE-93D0-2DFFE38BB5A1", versionEndExcluding: "3.9.17", versionStartIncluding: "3.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", matchCriteriaId: "4AA7FA11-C746-4E69-94C2-18E745D82054", versionEndExcluding: "3.10.12", versionStartIncluding: "3.10.0", vulnerable: true, }, { criteria: "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", matchCriteriaId: "AD14A157-FEA9-411F-B338-F1B6F726599D", versionEndExcluding: "3.11.4", versionStartIncluding: "3.11.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", matchCriteriaId: "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", matchCriteriaId: "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", matchCriteriaId: "B55E8D50-99B4-47EC-86F9-699B67D473CE", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "86B51137-28D9-41F2-AFA2-3CC22B4954D1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "4455CF3A-CC91-4BE4-A7AB-929AC82E34F5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.", }, { lang: "es", value: "Un problema en el componente urllib.parse de Python anterior a 3.11.4 permite a los atacantes eludir los métodos de listas de bloqueo proporcionando una URL que comienza con caracteres en blanco.", }, ], id: "CVE-2023-24329", lastModified: "2024-11-21T07:47:40.647", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-17T15:15:12.243", references: [ { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/python/cpython/issues/102153", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/python/cpython/pull/99421", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mitigation", "Technical Description", "Third Party Advisory", ], url: "https://pointernull.com/security/python-url-parse-problem.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230324-0004/", }, { source: "cve@mitre.org", url: "https://www.kb.cert.org/vuls/id/127587", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/python/cpython/issues/102153", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/python/cpython/pull/99421", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mitigation", "Technical Description", "Third Party Advisory", ], url: "https://pointernull.com/security/python-url-parse-problem.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230324-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.kb.cert.org/vuls/id/127587", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-10-04 18:15
Modified
2024-11-21 06:07
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and potentially remote code execution. This problem exists in all versions of Redis with Lua scripting support, starting from 2.6. The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14. For users unable to update an additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redis | redis | * | |
redis | redis | * | |
redis | redis | * | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 | |
fedoraproject | fedora | 35 | |
netapp | management_services_for_element_software | - | |
netapp | management_services_for_netapp_hci | - | |
debian | debian_linux | 10.0 | |
debian | debian_linux | 11.0 | |
oracle | communications_operations_monitor | 4.3 | |
oracle | communications_operations_monitor | 4.4 | |
oracle | communications_operations_monitor | 5.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "AF0E2817-5ED6-4954-99C9-CA444A018497", versionEndExcluding: "5.0.14", versionStartIncluding: "2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "02DF8086-645E-4D42-93D3-A4B11D289C7C", versionEndExcluding: "6.0.16", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "4686800E-16BA-42CE-B691-011D1D5D0CC2", versionEndExcluding: "6.2.6", versionStartIncluding: "6.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "86B51137-28D9-41F2-AFA2-3CC22B4954D1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "4455CF3A-CC91-4BE4-A7AB-929AC82E34F5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", matchCriteriaId: "CBE1A019-7BB6-4226-8AC4-9D6927ADAEFA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", matchCriteriaId: "B98BAEB2-A540-4E8A-A946-C4331B913AFD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8FBE260-E306-4215-80C0-D2D27CA43E0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and potentially remote code execution. This problem exists in all versions of Redis with Lua scripting support, starting from 2.6. The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14. For users unable to update an additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands.", }, { lang: "es", value: "Redis es una base de datos en memoria de código abierto que persiste en el disco. En las versiones afectadas, los scripts de Lua especialmente diseñados que se ejecutan en Redis pueden causar el desbordamiento de la pila de Lua en la región heap de la memoria, debido a las comprobaciones incompletas de esta condición. Esto puede resultar en una corrupción de la pila y potencialmente en una ejecución de código remota . Este problema se presenta en todas las versiones de Redis con soporte para scripts Lua, a partir de la 2.6. El problema es corregido en las versiones 6.2.6, 6.0.16 y 5.0.14. Para usuarios que no puedan actualizar una solución adicional para mitigar el problema sin parchear el ejecutable del servidor Redis es evitar que los usuarios ejecuten scripts Lua. Esto puede hacerse usando ACL para restringir los comandos EVAL y EVALSHA", }, ], id: "CVE-2021-32626", lastModified: "2024-11-21T06:07:24.403", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-10-04T18:15:08.140", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/redis/redis/commit/666ed7facf4524bf6d19b11b20faa2cf93fdf591", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/redis/redis/security/advisories/GHSA-p486-xggp-782c", }, { source: "security-advisories@github.com", url: "https://lists.apache.org/thread.html/r75490c61c2cb7b6ae2c81238fd52ae13636c60435abcd732d41531a0%40%3Ccommits.druid.apache.org%3E", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-17", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/redis/redis/commit/666ed7facf4524bf6d19b11b20faa2cf93fdf591", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/redis/redis/security/advisories/GHSA-p486-xggp-782c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r75490c61c2cb7b6ae2c81238fd52ae13636c60435abcd732d41531a0%40%3Ccommits.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-122", }, { lang: "en", value: "CWE-787", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-10-04 18:15
Modified
2024-11-21 06:07
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting all versions of Redis can be exploited to corrupt the heap and potentially be used to leak arbitrary contents of the heap or trigger remote code execution. The vulnerability involves changing the default set-max-intset-entries configuration parameter to a very large value and constructing specially crafted commands to manipulate sets. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the set-max-intset-entries configuration parameter. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redis | redis | * | |
redis | redis | * | |
redis | redis | * | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 | |
fedoraproject | fedora | 35 | |
debian | debian_linux | 10.0 | |
debian | debian_linux | 11.0 | |
netapp | management_services_for_element_software | - | |
netapp | management_services_for_netapp_hci | - | |
oracle | communications_operations_monitor | 4.3 | |
oracle | communications_operations_monitor | 4.4 | |
oracle | communications_operations_monitor | 5.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "D5D64A76-B253-4A64-8AA2-DD8815CB3CF8", versionEndExcluding: "5.0.14", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "02DF8086-645E-4D42-93D3-A4B11D289C7C", versionEndExcluding: "6.0.16", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "4686800E-16BA-42CE-B691-011D1D5D0CC2", versionEndExcluding: "6.2.6", versionStartIncluding: "6.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "86B51137-28D9-41F2-AFA2-3CC22B4954D1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "4455CF3A-CC91-4BE4-A7AB-929AC82E34F5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", matchCriteriaId: "CBE1A019-7BB6-4226-8AC4-9D6927ADAEFA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", matchCriteriaId: "B98BAEB2-A540-4E8A-A946-C4331B913AFD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8FBE260-E306-4215-80C0-D2D27CA43E0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting all versions of Redis can be exploited to corrupt the heap and potentially be used to leak arbitrary contents of the heap or trigger remote code execution. The vulnerability involves changing the default set-max-intset-entries configuration parameter to a very large value and constructing specially crafted commands to manipulate sets. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the set-max-intset-entries configuration parameter. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.", }, { lang: "es", value: "Redis es una base de datos en memoria de código abierto que persiste en el disco. Un error de desbordamiento de enteros que afecta a todas las versiones de Redis puede ser explotado para corromper la pila y potencialmente ser usado para filtrar contenidos arbitrarios de la pila o desencadenar una ejecución de código remota . La vulnerabilidad implica cambiar el parámetro de configuración por defecto set-max-intset-entries a un valor muy grande y construir comandos especialmente diseñados para manipular conjuntos. El problema se ha corregido en las versiones de Redis 6.2.6, 6.0.16 y 5.0.14. Una solución adicional para mitigar el problema sin parchear el ejecutable de redis-server es evitar que los usuarios modifiquen el parámetro de configuración set-max-intset-entries. Esto puede hacerse usando ACL para restringir a usuarios sin privilegios el uso del comando CONFIG SET", }, ], id: "CVE-2021-32687", lastModified: "2024-11-21T06:07:31.953", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-10-04T18:15:08.980", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/redis/redis/commit/a30d367a71b7017581cf1ca104242a3c644dec0f", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/redis/redis/security/advisories/GHSA-m3mf-8x9w-r27q", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-17", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/redis/redis/commit/a30d367a71b7017581cf1ca104242a3c644dec0f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/redis/redis/security/advisories/GHSA-m3mf-8x9w-r27q", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-680", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-11-09 22:15
Modified
2025-01-02 22:15
Severity ?
Summary
Netlogon RPC Elevation of Privilege Vulnerability
References
▼ | URL | Tags | |
---|---|---|---|
secure@microsoft.com | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202309-06 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", matchCriteriaId: "5F422A8C-2C4E-42C8-B420-E0728037E15C", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", matchCriteriaId: "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", matchCriteriaId: "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", matchCriteriaId: "DB18C4CE-5917-401E-ACF7-2747084FD36E", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", matchCriteriaId: "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", matchCriteriaId: "DB79EE26-FC32-417D-A49C-A1A63165A968", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", matchCriteriaId: "821614DD-37DD-44E2-A8A4-FE8D23A33C3C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", matchCriteriaId: "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "86B51137-28D9-41F2-AFA2-3CC22B4954D1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "4455CF3A-CC91-4BE4-A7AB-929AC82E34F5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", matchCriteriaId: "703773B3-EE5B-41F5-A2D9-B56F96B8793D", versionEndExcluding: "4.15.13", vulnerable: true, }, { criteria: "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", matchCriteriaId: "10AA6759-95FC-47A6-AA92-342893A2B23E", versionEndExcluding: "4.16.8", versionStartIncluding: "4.16.0", vulnerable: true, }, { criteria: "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", matchCriteriaId: "96E911B3-B4DD-451C-9579-74559328F89F", versionEndExcluding: "4.17.4", versionStartIncluding: "4.17.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Netlogon RPC Elevation of Privilege Vulnerability", }, { lang: "es", value: "Vulnerabilidad de elevación de privilegios de Netlogon RPC", }, ], id: "CVE-2022-38023", lastModified: "2025-01-02T22:15:15.160", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "secure@microsoft.com", type: "Primary", }, ], }, published: "2022-11-09T22:15:16.203", references: [ { source: "secure@microsoft.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202309-06", }, ], sourceIdentifier: "secure@microsoft.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-27 20:15
Modified
2024-11-21 06:50
Severity ?
3.9 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the (potentially higher) privileges of another Redis user. The Lua script execution environment in Redis provides some measures that prevent a script from creating side effects that persist and can affect the execution of the same, or different script, at a later time. Several weaknesses of these measures have been publicly known for a long time, but they had no security impact as the Redis security model did not endorse the concept of users or privileges. With the introduction of ACLs in Redis 6.0, these weaknesses can be exploited by a less privileged users to inject Lua code that will execute at a later time, when a privileged user executes a Lua script. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redis | redis | * | |
redis | redis | 7.0 | |
redis | redis | 7.0 | |
redis | redis | 7.0 | |
fedoraproject | fedora | 34 | |
fedoraproject | fedora | 35 | |
fedoraproject | fedora | 36 | |
netapp | management_services_for_element_software | - | |
netapp | management_services_for_netapp_hci | - | |
oracle | communications_operations_monitor | 4.3 | |
oracle | communications_operations_monitor | 4.4 | |
oracle | communications_operations_monitor | 5.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "250A0F22-00E1-4D99-B104-9164482B84B1", versionEndExcluding: "6.2.7", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:7.0:rc1:*:*:*:*:*:*", matchCriteriaId: "7EC787AB-59D2-4562-8C10-C4C3FBDBFD74", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:7.0:rc2:*:*:*:*:*:*", matchCriteriaId: "C43EE3A8-E7A4-471C-BFC1-01E014A8C8A1", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:7.0:rc3:*:*:*:*:*:*", matchCriteriaId: "482D8DA2-EE8F-4FF9-93EB-996E8D5DA013", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "86B51137-28D9-41F2-AFA2-3CC22B4954D1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "4455CF3A-CC91-4BE4-A7AB-929AC82E34F5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", matchCriteriaId: "CBE1A019-7BB6-4226-8AC4-9D6927ADAEFA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", matchCriteriaId: "B98BAEB2-A540-4E8A-A946-C4331B913AFD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8FBE260-E306-4215-80C0-D2D27CA43E0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the (potentially higher) privileges of another Redis user. The Lua script execution environment in Redis provides some measures that prevent a script from creating side effects that persist and can affect the execution of the same, or different script, at a later time. Several weaknesses of these measures have been publicly known for a long time, but they had no security impact as the Redis security model did not endorse the concept of users or privileges. With the introduction of ACLs in Redis 6.0, these weaknesses can be exploited by a less privileged users to inject Lua code that will execute at a later time, when a privileged user executes a Lua script. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules.", }, { lang: "es", value: "Redis es una base de datos en memoria que persiste en el disco. Aprovechando las debilidades del entorno de ejecución de scripts Lua, un atacante con acceso a Redis versiones anteriores a 7.0.0 o 6.2.7 puede inyectar código Lua que será ejecutado con privilegios (potencialmente superiores) de otro usuario de Redis. El entorno de ejecución de scripts Lua en Redis proporciona algunas medidas que impiden que un script cree efectos secundarios que persistan y puedan afectar a la ejecución del mismo, o de un script diferente, en un momento posterior. Varios puntos débiles de estas medidas son conocidos públicamente desde hace mucho tiempo, pero no presentaban ningún impacto en la seguridad, ya que el modelo de seguridad de Redis no respaldaba el concepto de usuarios o privilegios. Con la introducción de ACLs en Redis versión 6.0, estas debilidades pueden ser explotadas por un usuario con menos privilegios para inyectar código Lua que será ejecutado en un momento posterior, cuando un usuario privilegiado ejecute un script Lua. El problema ha sido corregido en Redis versiones 7.0.0 y 6.2.7. Una medida adicional para mitigar este problema sin necesidad de parchear el ejecutable del servidor Redis, si no son usados scripts Lua, es bloquear el acceso a los comandos \"SCRIPT LOAD\" y \"EVAL\" usando reglas ACL", }, ], id: "CVE-2022-24735", lastModified: "2024-11-21T06:50:58.810", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 2.5, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-27T20:15:09.730", references: [ { source: "security-advisories@github.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/redis/redis/pull/10651", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/redis/redis/releases/tag/6.2.7", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/redis/redis/releases/tag/7.0.0", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/redis/redis/security/advisories/GHSA-647m-2wmq-qmvq", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4ZK3675DGHVVDOFLJN7WX6YYH27GPMK/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPYKSG7LKUJGVM2P72EHXKVRVRWHLORX/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSTPUCAPBRHIFPSCOURR4OYX4E2OISAF/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-17", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220715-0003/", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/redis/redis/pull/10651", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/redis/redis/releases/tag/6.2.7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/redis/redis/releases/tag/7.0.0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/redis/redis/security/advisories/GHSA-647m-2wmq-qmvq", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4ZK3675DGHVVDOFLJN7WX6YYH27GPMK/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPYKSG7LKUJGVM2P72EHXKVRVRWHLORX/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSTPUCAPBRHIFPSCOURR4OYX4E2OISAF/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220715-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-94", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-10-04 18:15
Modified
2024-11-21 06:07
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlying hiredis library which does not perform an overflow check before calling the calloc() heap allocation function. This issue only impacts systems with heap allocators that do not perform their own overflow checks. Most modern systems do and are therefore not likely to be affected. Furthermore, by default redis-sentinel uses the jemalloc allocator which is also not vulnerable. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redis | redis | * | |
redis | redis | * | |
redis | redis | * | |
debian | debian_linux | 10.0 | |
debian | debian_linux | 11.0 | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 | |
fedoraproject | fedora | 35 | |
netapp | management_services_for_element_software | - | |
netapp | management_services_for_netapp_hci | - | |
oracle | communications_operations_monitor | 4.3 | |
oracle | communications_operations_monitor | 4.4 | |
oracle | communications_operations_monitor | 5.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "D5D64A76-B253-4A64-8AA2-DD8815CB3CF8", versionEndExcluding: "5.0.14", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "02DF8086-645E-4D42-93D3-A4B11D289C7C", versionEndExcluding: "6.0.16", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "4686800E-16BA-42CE-B691-011D1D5D0CC2", versionEndExcluding: "6.2.6", versionStartIncluding: "6.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "86B51137-28D9-41F2-AFA2-3CC22B4954D1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "4455CF3A-CC91-4BE4-A7AB-929AC82E34F5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", matchCriteriaId: "CBE1A019-7BB6-4226-8AC4-9D6927ADAEFA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", matchCriteriaId: "B98BAEB2-A540-4E8A-A946-C4331B913AFD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8FBE260-E306-4215-80C0-D2D27CA43E0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlying hiredis library which does not perform an overflow check before calling the calloc() heap allocation function. This issue only impacts systems with heap allocators that do not perform their own overflow checks. Most modern systems do and are therefore not likely to be affected. Furthermore, by default redis-sentinel uses the jemalloc allocator which is also not vulnerable. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14.", }, { lang: "es", value: "Redis es una base de datos en memoria de código abierto que persiste en el disco. La herramienta de línea de comandos redis-cli y el servicio redis-sentinel pueden ser vulnerables a un desbordamiento de enteros cuando analizan respuestas de red de gran tamaño especialmente diseñadas. Esto es resultado de una vulnerabilidad en la biblioteca hiredis subyacente que no lleva a cabo una comprobación de desbordamiento antes de llamar a la función de asignación de pila calloc(). Este problema sólo afecta a los sistemas con asignadores de pila que no llevan a cabo sus propias comprobaciones de desbordamiento. La mayoría de los sistemas modernos lo hacen y, por lo tanto, no es probable que estén afectados. Además, por defecto redis-sentinel usa el asignador jemalloc que tampoco es vulnerable. El problema se ha corregido en las versiones de Redis 6.2.6, 6.0.16 y 5.0.14", }, ], id: "CVE-2021-32762", lastModified: "2024-11-21T06:07:41.363", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-10-04T18:15:09.043", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/redis/redis/commit/0215324a66af949be39b34be2d55143232c1cb71", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/redis/redis/security/advisories/GHSA-833w-8v3m-8wwr", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-17", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/redis/redis/commit/0215324a66af949be39b34be2d55143232c1cb71", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/redis/redis/security/advisories/GHSA-833w-8v3m-8wwr", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-680", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-10-04 18:15
Modified
2024-11-21 06:07
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves changing the default proto-max-bulk-len and client-query-buffer-limit configuration parameters to very large values and constructing specially crafted very large stream elements. The problem is fixed in Redis 6.2.6, 6.0.16 and 5.0.14. For users unable to upgrade an additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the proto-max-bulk-len configuration parameter. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redis | redis | * | |
redis | redis | * | |
redis | redis | * | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 | |
fedoraproject | fedora | 35 | |
debian | debian_linux | 10.0 | |
debian | debian_linux | 11.0 | |
netapp | management_services_for_element_software | - | |
netapp | management_services_for_netapp_hci | - | |
oracle | communications_operations_monitor | 4.3 | |
oracle | communications_operations_monitor | 4.4 | |
oracle | communications_operations_monitor | 5.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "D5D64A76-B253-4A64-8AA2-DD8815CB3CF8", versionEndExcluding: "5.0.14", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "02DF8086-645E-4D42-93D3-A4B11D289C7C", versionEndExcluding: "6.0.16", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "4686800E-16BA-42CE-B691-011D1D5D0CC2", versionEndExcluding: "6.2.6", versionStartIncluding: "6.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "86B51137-28D9-41F2-AFA2-3CC22B4954D1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "4455CF3A-CC91-4BE4-A7AB-929AC82E34F5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", matchCriteriaId: "CBE1A019-7BB6-4226-8AC4-9D6927ADAEFA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", matchCriteriaId: "B98BAEB2-A540-4E8A-A946-C4331B913AFD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8FBE260-E306-4215-80C0-D2D27CA43E0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves changing the default proto-max-bulk-len and client-query-buffer-limit configuration parameters to very large values and constructing specially crafted very large stream elements. The problem is fixed in Redis 6.2.6, 6.0.16 and 5.0.14. For users unable to upgrade an additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the proto-max-bulk-len configuration parameter. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.", }, { lang: "es", value: "Redis es una base de datos en memoria de código abierto que persiste en el disco. En las versiones afectadas, un bug de desbordamiento de enteros en Redis puede ser explotado para corromper la pila y resultar potencialmente en una ejecución de código remota . La vulnerabilidad consiste en cambiar los parámetros de configuración predeterminados proto-max-bulk-len y client-query-buffer-limit a valores muy grandes y construir elementos de flujo muy grandes especialmente diseñados. El problema es corregido en Redis 6.2.6, 6.0.16 y 5.0.14. Para usuarios que no puedan actualizar, una solución adicional para mitigar el problema sin parchear el ejecutable de redis-server es evitar que los usuarios modifiquen el parámetro de configuración proto-max-bulk-len. Esto puede hacerse usando ACL para restringir a usuarios sin privilegios el uso del comando CONFIG SET", }, ], id: "CVE-2021-32627", lastModified: "2024-11-21T06:07:24.570", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-10-04T18:15:08.353", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/redis/redis/security/advisories/GHSA-f434-69fm-g45v", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-17", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/redis/redis/security/advisories/GHSA-f434-69fm-g45v", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-680", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-10-04 18:15
Modified
2024-11-21 06:07
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the ziplist data structure used by all versions of Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves modifying the default ziplist configuration parameters (hash-max-ziplist-entries, hash-max-ziplist-value, zset-max-ziplist-entries or zset-max-ziplist-value) to a very large value, and then constructing specially crafted commands to create very large ziplists. The problem is fixed in Redis versions 6.2.6, 6.0.16, 5.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the above configuration parameters. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redis | redis | * | |
redis | redis | * | |
redis | redis | * | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 | |
fedoraproject | fedora | 35 | |
debian | debian_linux | 10.0 | |
debian | debian_linux | 11.0 | |
netapp | management_services_for_element_software | - | |
netapp | management_services_for_netapp_hci | - | |
oracle | communications_operations_monitor | 4.3 | |
oracle | communications_operations_monitor | 4.4 | |
oracle | communications_operations_monitor | 5.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "D5D64A76-B253-4A64-8AA2-DD8815CB3CF8", versionEndExcluding: "5.0.14", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "02DF8086-645E-4D42-93D3-A4B11D289C7C", versionEndExcluding: "6.0.16", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "4686800E-16BA-42CE-B691-011D1D5D0CC2", versionEndExcluding: "6.2.6", versionStartIncluding: "6.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "86B51137-28D9-41F2-AFA2-3CC22B4954D1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "4455CF3A-CC91-4BE4-A7AB-929AC82E34F5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", matchCriteriaId: "CBE1A019-7BB6-4226-8AC4-9D6927ADAEFA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", matchCriteriaId: "B98BAEB2-A540-4E8A-A946-C4331B913AFD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8FBE260-E306-4215-80C0-D2D27CA43E0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the ziplist data structure used by all versions of Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves modifying the default ziplist configuration parameters (hash-max-ziplist-entries, hash-max-ziplist-value, zset-max-ziplist-entries or zset-max-ziplist-value) to a very large value, and then constructing specially crafted commands to create very large ziplists. The problem is fixed in Redis versions 6.2.6, 6.0.16, 5.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the above configuration parameters. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.", }, { lang: "es", value: "Redis es una base de datos en memoria de código abierto que persiste en el disco. Un bug de desbordamiento de enteros en la estructura de datos ziplist usada por todas las versiones de Redis puede ser explotado para corromper la pila y potencialmente resultar en una ejecución de código remota. La vulnerabilidad implica la modificación de los parámetros de configuración de ziplist por defecto (hash-max-ziplist-entries, hash-max-ziplist-value, zset-max-ziplist-entries o zset-max-ziplist-value) a un valor muy grande, y luego la construcción de comandos especialmente diseñados para crear ziplists muy grandes. El problema es corregido en las versiones de Redis 6.2.6, 6.0.16 y 5.0.14. Una solución adicional para mitigar el problema sin necesidad de parchear el ejecutable de redis-server es evitar que los usuarios modifiquen los parámetros de configuración anteriores. Esto puede hacerse usando ACL para restringir a usuarios sin privilegios el uso del comando CONFIG SET", }, ], id: "CVE-2021-32628", lastModified: "2024-11-21T06:07:24.730", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-10-04T18:15:08.577", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/redis/redis/security/advisories/GHSA-vw22-qm3h-49pr", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-17", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/redis/redis/security/advisories/GHSA-vw22-qm3h-49pr", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-680", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-11-09 22:15
Modified
2025-01-02 22:15
Severity ?
Summary
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
References
▼ | URL | Tags | |
---|---|---|---|
secure@microsoft.com | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202309-06 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", matchCriteriaId: "5F422A8C-2C4E-42C8-B420-E0728037E15C", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", matchCriteriaId: "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", matchCriteriaId: "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", matchCriteriaId: "DB18C4CE-5917-401E-ACF7-2747084FD36E", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", matchCriteriaId: "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", matchCriteriaId: "DB79EE26-FC32-417D-A49C-A1A63165A968", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", matchCriteriaId: "821614DD-37DD-44E2-A8A4-FE8D23A33C3C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", matchCriteriaId: "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "86B51137-28D9-41F2-AFA2-3CC22B4954D1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "4455CF3A-CC91-4BE4-A7AB-929AC82E34F5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", matchCriteriaId: "703773B3-EE5B-41F5-A2D9-B56F96B8793D", versionEndExcluding: "4.15.13", vulnerable: true, }, { criteria: "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", matchCriteriaId: "10AA6759-95FC-47A6-AA92-342893A2B23E", versionEndExcluding: "4.16.8", versionStartIncluding: "4.16.0", vulnerable: true, }, { criteria: "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", matchCriteriaId: "96E911B3-B4DD-451C-9579-74559328F89F", versionEndExcluding: "4.17.4", versionStartIncluding: "4.17.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability", }, { lang: "es", value: "Vulnerabilidad de elevación de privilegios en Kerberos RC4-HMAC de Windows", }, ], id: "CVE-2022-37966", lastModified: "2025-01-02T22:15:09.867", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "secure@microsoft.com", type: "Primary", }, ], }, published: "2022-11-09T22:15:13.603", references: [ { source: "secure@microsoft.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202309-06", }, ], sourceIdentifier: "secure@microsoft.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-29 17:15
Modified
2024-11-21 07:12
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading: - disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs - ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)
References
▼ | URL | Tags | |
---|---|---|---|
security-advisories@github.com | https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3 | Release Notes, Third Party Advisory | |
security-advisories@github.com | https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369 | Exploit, Third Party Advisory | |
security-advisories@github.com | https://jsoup.org/news/release-1.15.3 | Release Notes, Vendor Advisory | |
security-advisories@github.com | https://security.netapp.com/advisory/ntap-20221104-0006/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3 | Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://jsoup.org/news/release-1.15.3 | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20221104-0006/ | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
jsoup | jsoup | * | |
netapp | management_services_for_element_software | - | |
netapp | management_services_for_netapp_hci | - | |
netapp | oncommand_workflow_automation | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jsoup:jsoup:*:*:*:*:*:*:*:*", matchCriteriaId: "B8341769-FF52-45A1-B692-74C5E963BE4F", versionEndExcluding: "1.15.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "86B51137-28D9-41F2-AFA2-3CC22B4954D1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "4455CF3A-CC91-4BE4-A7AB-929AC82E34F5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", matchCriteriaId: "5735E553-9731-4AAC-BCFF-989377F817B3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading: - disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs - ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)", }, { lang: "es", value: "jsoup es un analizador HTML de Java, construido para la edición, limpieza y raspado de HTML, y para la seguridad de vulnerabilidades de tipo cross-site scripting (XSS). jsoup puede sanear incorrectamente el HTML que incluye expresiones URL \"javascript:\", lo que podría permitir ataques de tipo XSS cuando un lector hace clic posteriormente en ese enlace. Si la opción no predeterminada \"SafeList.preserveRelativeLinks\" está habilitada, el HTML que incluya expresiones URL \"javascript:\" que hayan sido diseñadas con caracteres de control no será saneado. Si el sitio en el que es publicado este HTML no establece una política de seguridad de contenidos, es posible un ataque de tipo XSS. Este problema ha sido corregido en jsoup versión 1.15.3. Los usuarios deberían actualizar a esta versión. Además, como es posible que la entrada no saneada haya sido mantenido, el contenido antiguo debe limpiarse de nuevo usando la versión actualizada. Para mitigar este problema sin tener que actualizar inmediatamente - deshabilite \"SafeList.preserveRelativeLinks\", que reescribirá las URLs de entrada como URLs absolutas - asegúrese de que es definido una [Política de Seguridad de Contenidos](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) apropiada. (Esto debería usarse independientemente de la actualización, como mejor práctica de defensa en profundidad)", }, ], id: "CVE-2022-36033", lastModified: "2024-11-21T07:12:13.753", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-29T17:15:08.523", references: [ { source: "security-advisories@github.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3", }, { source: "security-advisories@github.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://jsoup.org/news/release-1.15.3", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221104-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://jsoup.org/news/release-1.15.3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221104-0006/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, { lang: "en", value: "CWE-87", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-27 20:15
Modified
2024-11-21 06:50
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redis | redis | * | |
redis | redis | 7.0 | |
redis | redis | 7.0 | |
redis | redis | 7.0 | |
fedoraproject | fedora | 34 | |
fedoraproject | fedora | 35 | |
fedoraproject | fedora | 36 | |
netapp | management_services_for_element_software | - | |
netapp | management_services_for_netapp_hci | - | |
oracle | communications_operations_monitor | 4.3 | |
oracle | communications_operations_monitor | 4.4 | |
oracle | communications_operations_monitor | 5.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", matchCriteriaId: "250A0F22-00E1-4D99-B104-9164482B84B1", versionEndExcluding: "6.2.7", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:7.0:rc1:*:*:*:*:*:*", matchCriteriaId: "7EC787AB-59D2-4562-8C10-C4C3FBDBFD74", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:7.0:rc2:*:*:*:*:*:*", matchCriteriaId: "C43EE3A8-E7A4-471C-BFC1-01E014A8C8A1", vulnerable: true, }, { criteria: "cpe:2.3:a:redis:redis:7.0:rc3:*:*:*:*:*:*", matchCriteriaId: "482D8DA2-EE8F-4FF9-93EB-996E8D5DA013", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "86B51137-28D9-41F2-AFA2-3CC22B4954D1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "4455CF3A-CC91-4BE4-A7AB-929AC82E34F5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", matchCriteriaId: "CBE1A019-7BB6-4226-8AC4-9D6927ADAEFA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", matchCriteriaId: "B98BAEB2-A540-4E8A-A946-C4331B913AFD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8FBE260-E306-4215-80C0-D2D27CA43E0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules.", }, { lang: "es", value: "Redis es una base de datos en memoria que persiste en el disco. Antes de las versiones 6.2.7 y 7.0.0, un atacante que intente cargar un script Lua especialmente diseñado puede causar una derivación de puntero NULL que resultará en una caída del proceso del servidor Redis. El problema se ha solucionado en las versiones de Redis 7.0.0 y 6.2.7. Una solución adicional para mitigar este problema sin necesidad de parchear el ejecutable de redis-server, si no se utilizan scripts de Lua, es bloquear el acceso a los comandos `SCRIPT LOAD` y `EVAL` mediante reglas ACL", }, ], id: "CVE-2022-24736", lastModified: "2024-11-21T06:50:58.983", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-27T20:15:09.857", references: [ { source: "security-advisories@github.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/redis/redis/pull/10651", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/redis/redis/releases/tag/6.2.7", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/redis/redis/releases/tag/7.0.0", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/redis/redis/security/advisories/GHSA-3qpw-7686-5984", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4ZK3675DGHVVDOFLJN7WX6YYH27GPMK/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPYKSG7LKUJGVM2P72EHXKVRVRWHLORX/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSTPUCAPBRHIFPSCOURR4OYX4E2OISAF/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-17", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220715-0003/", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/redis/redis/pull/10651", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/redis/redis/releases/tag/6.2.7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/redis/redis/releases/tag/7.0.0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/redis/redis/security/advisories/GHSA-3qpw-7686-5984", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4ZK3675DGHVVDOFLJN7WX6YYH27GPMK/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPYKSG7LKUJGVM2P72EHXKVRVRWHLORX/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSTPUCAPBRHIFPSCOURR4OYX4E2OISAF/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220715-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2023-24329
Vulnerability from cvelistv5
Published
2023-02-17 00:00
Modified
2024-08-02 10:56
Severity ?
EPSS score ?
Summary
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:56:03.505Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://pointernull.com/security/python-url-parse-problem.html", }, { tags: [ "x_transferred", ], url: "https://github.com/python/cpython/pull/99421", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230324-0004/", }, { name: "FEDORA-2023-b3a3df39dd", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/", }, { name: "FEDORA-2023-406c1c6ed7", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/", }, { name: "FEDORA-2023-1092538441", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/", }, { name: "FEDORA-2023-63c69aa712", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/", }, { name: "FEDORA-2023-96aa33f0d3", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/", }, { name: "FEDORA-2023-953c2607d8", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/", }, { name: "FEDORA-2023-2b25dd2a11", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/", }, { name: "FEDORA-2023-994ecd7dbc", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/", }, { name: "FEDORA-2023-690e150a39", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/", }, { name: "FEDORA-2023-81bb8e3b99", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/", }, { name: "FEDORA-2023-d8b0003ecd", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/", }, { name: "FEDORA-2023-56cefa23df", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/", }, { tags: [ "x_transferred", ], url: "https://github.com/python/cpython/issues/102153", }, { name: "FEDORA-2023-31888c4781", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/", }, { name: "FEDORA-2023-acdfd145f2", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/", }, { name: "FEDORA-2023-03599274db", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/", }, { name: "FEDORA-2023-b854908745", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/", }, { name: "FEDORA-2023-d294ef140e", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/", }, { name: "FEDORA-2023-309cadedc6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/", }, { name: "FEDORA-2023-401947eb94", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/", }, { name: "FEDORA-2023-f52390b9d2", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/", }, { name: "FEDORA-2023-dd526ed2e4", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/", }, { name: "VU#127587", tags: [ "third-party-advisory", "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/127587", }, { name: "[debian-lts-announce] 20230920 [SECURITY] [DLA 3575-1] python2.7 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-09-20T21:06:19.477131", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://pointernull.com/security/python-url-parse-problem.html", }, { url: "https://github.com/python/cpython/pull/99421", }, { url: "https://security.netapp.com/advisory/ntap-20230324-0004/", }, { name: "FEDORA-2023-b3a3df39dd", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/", }, { name: "FEDORA-2023-406c1c6ed7", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/", }, { name: "FEDORA-2023-1092538441", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/", }, { name: "FEDORA-2023-63c69aa712", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/", }, { name: "FEDORA-2023-96aa33f0d3", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/", }, { name: "FEDORA-2023-953c2607d8", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/", }, { name: "FEDORA-2023-2b25dd2a11", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/", }, { name: "FEDORA-2023-994ecd7dbc", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/", }, { name: "FEDORA-2023-690e150a39", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/", }, { name: "FEDORA-2023-81bb8e3b99", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/", }, { name: "FEDORA-2023-d8b0003ecd", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/", }, { name: "FEDORA-2023-56cefa23df", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/", }, { url: "https://github.com/python/cpython/issues/102153", }, { name: "FEDORA-2023-31888c4781", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/", }, { name: "FEDORA-2023-acdfd145f2", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/", }, { name: "FEDORA-2023-03599274db", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/", }, { name: "FEDORA-2023-b854908745", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/", }, { name: "FEDORA-2023-d294ef140e", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/", }, { name: "FEDORA-2023-309cadedc6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/", }, { name: "FEDORA-2023-401947eb94", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/", }, { name: "FEDORA-2023-f52390b9d2", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/", }, { name: "FEDORA-2023-dd526ed2e4", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/", }, { name: "VU#127587", tags: [ "third-party-advisory", ], url: "https://www.kb.cert.org/vuls/id/127587", }, { name: "[debian-lts-announce] 20230920 [SECURITY] [DLA 3575-1] python2.7 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-24329", datePublished: "2023-02-17T00:00:00", dateReserved: "2023-01-23T00:00:00", dateUpdated: "2024-08-02T10:56:03.505Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-24736
Vulnerability from cvelistv5
Published
2022-04-27 19:55
Modified
2024-08-03 04:20
Severity ?
EPSS score ?
Summary
Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:20:50.463Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/redis/redis/pull/10651", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/redis/redis/releases/tag/6.2.7", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/redis/redis/releases/tag/7.0.0", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/redis/redis/security/advisories/GHSA-3qpw-7686-5984", }, { name: "FEDORA-2022-6ed1ce2838", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPYKSG7LKUJGVM2P72EHXKVRVRWHLORX/", }, { name: "FEDORA-2022-a0a4c7eb31", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSTPUCAPBRHIFPSCOURR4OYX4E2OISAF/", }, { name: "FEDORA-2022-44373f6778", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4ZK3675DGHVVDOFLJN7WX6YYH27GPMK/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220715-0003/", }, { name: "GLSA-202209-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202209-17", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "redis", vendor: "redis", versions: [ { status: "affected", version: "< 6.2.7", }, { status: "affected", version: "< 7.0.0", }, ], }, ], descriptions: [ { lang: "en", value: "Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476: NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-29T16:07:32", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/redis/redis/pull/10651", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/redis/redis/releases/tag/6.2.7", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/redis/redis/releases/tag/7.0.0", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/redis/redis/security/advisories/GHSA-3qpw-7686-5984", }, { name: "FEDORA-2022-6ed1ce2838", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPYKSG7LKUJGVM2P72EHXKVRVRWHLORX/", }, { name: "FEDORA-2022-a0a4c7eb31", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSTPUCAPBRHIFPSCOURR4OYX4E2OISAF/", }, { name: "FEDORA-2022-44373f6778", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4ZK3675DGHVVDOFLJN7WX6YYH27GPMK/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220715-0003/", }, { name: "GLSA-202209-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202209-17", }, ], source: { advisory: "GHSA-3qpw-7686-5984", discovery: "UNKNOWN", }, title: "A Malformed Lua script can crash Redis", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2022-24736", STATE: "PUBLIC", TITLE: "A Malformed Lua script can crash Redis", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "redis", version: { version_data: [ { version_value: "< 6.2.7", }, { version_value: "< 7.0.0", }, ], }, }, ], }, vendor_name: "redis", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-476: NULL Pointer Dereference", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/redis/redis/pull/10651", refsource: "MISC", url: "https://github.com/redis/redis/pull/10651", }, { name: "https://github.com/redis/redis/releases/tag/6.2.7", refsource: "MISC", url: "https://github.com/redis/redis/releases/tag/6.2.7", }, { name: "https://github.com/redis/redis/releases/tag/7.0.0", refsource: "MISC", url: "https://github.com/redis/redis/releases/tag/7.0.0", }, { name: "https://github.com/redis/redis/security/advisories/GHSA-3qpw-7686-5984", refsource: "CONFIRM", url: "https://github.com/redis/redis/security/advisories/GHSA-3qpw-7686-5984", }, { name: "FEDORA-2022-6ed1ce2838", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPYKSG7LKUJGVM2P72EHXKVRVRWHLORX/", }, { name: "FEDORA-2022-a0a4c7eb31", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSTPUCAPBRHIFPSCOURR4OYX4E2OISAF/", }, { name: "FEDORA-2022-44373f6778", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J4ZK3675DGHVVDOFLJN7WX6YYH27GPMK/", }, { name: "https://www.oracle.com/security-alerts/cpujul2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "https://security.netapp.com/advisory/ntap-20220715-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220715-0003/", }, { name: "GLSA-202209-17", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202209-17", }, ], }, source: { advisory: "GHSA-3qpw-7686-5984", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-24736", datePublished: "2022-04-27T19:55:10", dateReserved: "2022-02-10T00:00:00", dateUpdated: "2024-08-03T04:20:50.463Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-37967
Vulnerability from cvelistv5
Published
2022-11-09 00:00
Modified
2025-01-02 21:31
Severity ?
EPSS score ?
Summary
Windows Kerberos Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37967 | vendor-advisory |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:37:42.617Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "Windows Kerberos Elevation of Privilege Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37967", }, { tags: [ "x_transferred", ], url: "https://security.gentoo.org/glsa/202309-06", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-37967", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-15T13:57:00.933042Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-15T13:58:06.887Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { platforms: [ "x64-based Systems", ], product: "Windows Server 2019", vendor: "Microsoft", versions: [ { lessThan: "10.0.17763.4974", status: "affected", version: "10.0.17763.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2019 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "10.0.17763.4974", status: "affected", version: "10.0.17763.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2022", vendor: "Microsoft", versions: [ { lessThan: "10.0.20348.2031", status: "affected", version: "10.0.20348.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2016", vendor: "Microsoft", versions: [ { lessThan: "10.0.14393.6351", status: "affected", version: "10.0.14393.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2016 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "10.0.14393.6351", status: "affected", version: "10.0.14393.0", versionType: "custom", }, ], }, { platforms: [ "32-bit Systems", ], product: "Windows Server 2008 Service Pack 2", vendor: "Microsoft", versions: [ { lessThan: "6.0.6003.22317", status: "affected", version: "6.0.6003.0", versionType: "custom", }, ], }, { platforms: [ "32-bit Systems", "x64-based Systems", ], product: "Windows Server 2008 Service Pack 2 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "6.0.6003.22317", status: "affected", version: "6.0.6003.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2008 Service Pack 2", vendor: "Microsoft", versions: [ { lessThan: "6.0.6003.22317", status: "affected", version: "6.0.6003.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2008 R2 Service Pack 1", vendor: "Microsoft", versions: [ { lessThan: "6.1.7601.26769", status: "affected", version: "6.1.7601.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "6.1.7601.26769", status: "affected", version: "6.1.7601.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2012", vendor: "Microsoft", versions: [ { lessThan: "6.2.9200.24523", status: "affected", version: "6.2.9200.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2012 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "6.2.9200.24523", status: "affected", version: "6.2.9200.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2012 R2", vendor: "Microsoft", versions: [ { lessThan: "6.3.9600.21620", status: "affected", version: "6.3.9600.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2012 R2 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "6.3.9600.21620", status: "affected", version: "6.3.9600.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.17763.4974", versionStartIncluding: "10.0.17763.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.17763.4974", versionStartIncluding: "10.0.17763.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.20348.2031", versionStartIncluding: "10.0.20348.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.14393.6351", versionStartIncluding: "10.0.14393.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.14393.6351", versionStartIncluding: "10.0.14393.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", versionEndExcluding: "6.0.6003.22317", versionStartIncluding: "6.0.6003.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", versionEndExcluding: "6.0.6003.22317", versionStartIncluding: "6.0.6003.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*", versionEndExcluding: "6.0.6003.22317", versionStartIncluding: "6.0.6003.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", versionEndExcluding: "6.1.7601.26769", versionStartIncluding: "6.1.7601.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", versionEndExcluding: "6.1.7601.26769", versionStartIncluding: "6.1.7601.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", versionEndExcluding: "6.2.9200.24523", versionStartIncluding: "6.2.9200.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", versionEndExcluding: "6.2.9200.24523", versionStartIncluding: "6.2.9200.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", versionEndExcluding: "6.3.9600.21620", versionStartIncluding: "6.3.9600.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", versionEndExcluding: "6.3.9600.21620", versionStartIncluding: "6.3.9600.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-11-08T08:00:00+00:00", descriptions: [ { lang: "en-US", value: "Windows Kerberos Elevation of Privilege Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T21:31:31.133Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: "Windows Kerberos Elevation of Privilege Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37967", }, ], title: "Windows Kerberos Elevation of Privilege Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-37967", datePublished: "2022-11-09T00:00:00", dateReserved: "2022-08-08T00:00:00", dateUpdated: "2025-01-02T21:31:31.133Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-37966
Vulnerability from cvelistv5
Published
2022-11-09 00:00
Modified
2025-01-02 21:31
Severity ?
EPSS score ?
Summary
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Windows Server 2019 |
Version: N/A |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:37:42.598Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966", }, { tags: [ "x_transferred", ], url: "https://security.gentoo.org/glsa/202309-06", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-37966", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-15T13:50:56.816223Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-15T13:51:22.379Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { platforms: [ "x64-based Systems", ], product: "Windows Server 2019", vendor: "Microsoft", versions: [ { status: "affected", version: "N/A", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2019 (Server Core installation)", vendor: "Microsoft", versions: [ { status: "affected", version: "N/A", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2022", vendor: "Microsoft", versions: [ { status: "affected", version: "N/A", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2016", vendor: "Microsoft", versions: [ { status: "affected", version: "N/A", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2016 (Server Core installation)", vendor: "Microsoft", versions: [ { status: "affected", version: "N/A", }, ], }, { platforms: [ "32-bit Systems", ], product: "Windows Server 2008 Service Pack 2", vendor: "Microsoft", versions: [ { status: "affected", version: "N/A", }, ], }, { platforms: [ "32-bit Systems", "x64-based Systems", ], product: "Windows Server 2008 Service Pack 2 (Server Core installation)", vendor: "Microsoft", versions: [ { status: "affected", version: "N/A", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2008 Service Pack 2", vendor: "Microsoft", versions: [ { status: "affected", version: "N/A", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2008 R2 Service Pack 1", vendor: "Microsoft", versions: [ { status: "affected", version: "N/A", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", vendor: "Microsoft", versions: [ { status: "affected", version: "N/A", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2012", vendor: "Microsoft", versions: [ { status: "affected", version: "N/A", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2012 (Server Core installation)", vendor: "Microsoft", versions: [ { status: "affected", version: "N/A", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2012 R2", vendor: "Microsoft", versions: [ { status: "affected", version: "N/A", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2012 R2 (Server Core installation)", vendor: "Microsoft", versions: [ { status: "affected", version: "N/A", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", versionStartIncluding: "N/A", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", versionStartIncluding: "N/A", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", versionStartIncluding: "N/A", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", versionStartIncluding: "N/A", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", versionStartIncluding: "N/A", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", versionStartIncluding: "N/A", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", versionStartIncluding: "N/A", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*", versionStartIncluding: "N/A", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", versionStartIncluding: "N/A", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", versionStartIncluding: "N/A", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", versionStartIncluding: "N/A", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", versionStartIncluding: "N/A", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", versionStartIncluding: "N/A", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", versionStartIncluding: "N/A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-11-08T08:00:00+00:00", descriptions: [ { lang: "en-US", value: "Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T21:31:29.871Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: "Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966", }, ], title: "Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-37966", datePublished: "2022-11-09T00:00:00", dateReserved: "2022-08-08T00:00:00", dateUpdated: "2025-01-02T21:31:29.871Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-23491
Vulnerability from cvelistv5
Published
2022-12-07 21:15
Modified
2024-08-03 03:43
Severity ?
EPSS score ?
Summary
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being removed from Mozilla's trust store. TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of Mozilla's investigation can be found in the linked google group discussion.
References
▼ | URL | Tags |
---|---|---|
https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8 | x_refsource_CONFIRM | |
https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
certifi | python-certifi |
Version: < 2022.12.07 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:43:46.116Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://security.netapp.com/advisory/ntap-20230223-0010/", }, { name: "https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8", }, { name: "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "python-certifi", vendor: "certifi", versions: [ { status: "affected", version: "< 2022.12.07", }, ], }, ], descriptions: [ { lang: "en", value: "Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from \"TrustCor\" from the root store. These are in the process of being removed from Mozilla's trust store. TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of Mozilla's investigation can be found in the linked google group discussion.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-345", description: "CWE-345: Insufficient Verification of Data Authenticity", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-07T21:15:53.804Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8", }, { name: "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ", tags: [ "x_refsource_MISC", ], url: "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ", }, ], source: { advisory: "GHSA-43fp-rhv2-5gv8", discovery: "UNKNOWN", }, title: "Removal of TrustCor root certificate", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-23491", datePublished: "2022-12-07T21:15:53.804Z", dateReserved: "2022-01-19T21:23:53.763Z", dateUpdated: "2024-08-03T03:43:46.116Z", requesterUserId: "c184a3d9-dc98-4c48-a45b-d2d88cf0ac74", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-32687
Vulnerability from cvelistv5
Published
2021-10-04 17:55
Modified
2024-08-03 23:25
Severity ?
EPSS score ?
Summary
Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting all versions of Redis can be exploited to corrupt the heap and potentially be used to leak arbitrary contents of the heap or trigger remote code execution. The vulnerability involves changing the default set-max-intset-entries configuration parameter to a very large value and constructing specially crafted commands to manipulate sets. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the set-max-intset-entries configuration parameter. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.
References
▼ | URL | Tags |
---|---|---|
https://github.com/redis/redis/security/advisories/GHSA-m3mf-8x9w-r27q | x_refsource_CONFIRM | |
https://github.com/redis/redis/commit/a30d367a71b7017581cf1ca104242a3c644dec0f | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2021/dsa-5001 | vendor-advisory, x_refsource_DEBIAN | |
https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20211104-0003/ | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/202209-17 | vendor-advisory, x_refsource_GENTOO |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:25:31.090Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/redis/redis/security/advisories/GHSA-m3mf-8x9w-r27q", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/redis/redis/commit/a30d367a71b7017581cf1ca104242a3c644dec0f", }, { name: "FEDORA-2021-8913c7900c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "FEDORA-2021-aa94492a09", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202209-17", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "redis", vendor: "redis", versions: [ { status: "affected", version: "< 5.0.14", }, { status: "affected", version: ">= 6.0.0, < 6.0.16", }, { status: "affected", version: ">= 6.2.0, < 6.2.6", }, ], }, ], descriptions: [ { lang: "en", value: "Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting all versions of Redis can be exploited to corrupt the heap and potentially be used to leak arbitrary contents of the heap or trigger remote code execution. The vulnerability involves changing the default set-max-intset-entries configuration parameter to a very large value and constructing specially crafted commands to manipulate sets. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the set-max-intset-entries configuration parameter. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190: Integer Overflow or Wraparound", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-680", description: "CWE-680: Integer Overflow to Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-29T16:07:44", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/redis/redis/security/advisories/GHSA-m3mf-8x9w-r27q", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/redis/redis/commit/a30d367a71b7017581cf1ca104242a3c644dec0f", }, { name: "FEDORA-2021-8913c7900c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "FEDORA-2021-aa94492a09", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202209-17", }, ], source: { advisory: "GHSA-m3mf-8x9w-r27q", discovery: "UNKNOWN", }, title: "Integer overflow issue with intsets in Redis", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2021-32687", STATE: "PUBLIC", TITLE: "Integer overflow issue with intsets in Redis", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "redis", version: { version_data: [ { version_value: "< 5.0.14", }, { version_value: ">= 6.0.0, < 6.0.16", }, { version_value: ">= 6.2.0, < 6.2.6", }, ], }, }, ], }, vendor_name: "redis", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting all versions of Redis can be exploited to corrupt the heap and potentially be used to leak arbitrary contents of the heap or trigger remote code execution. The vulnerability involves changing the default set-max-intset-entries configuration parameter to a very large value and constructing specially crafted commands to manipulate sets. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the set-max-intset-entries configuration parameter. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-190: Integer Overflow or Wraparound", }, ], }, { description: [ { lang: "eng", value: "CWE-680: Integer Overflow to Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/redis/redis/security/advisories/GHSA-m3mf-8x9w-r27q", refsource: "CONFIRM", url: "https://github.com/redis/redis/security/advisories/GHSA-m3mf-8x9w-r27q", }, { name: "https://github.com/redis/redis/commit/a30d367a71b7017581cf1ca104242a3c644dec0f", refsource: "MISC", url: "https://github.com/redis/redis/commit/a30d367a71b7017581cf1ca104242a3c644dec0f", }, { name: "FEDORA-2021-8913c7900c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "FEDORA-2021-aa94492a09", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-5001", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://security.netapp.com/advisory/ntap-20211104-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202209-17", }, ], }, source: { advisory: "GHSA-m3mf-8x9w-r27q", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-32687", datePublished: "2021-10-04T17:55:10", dateReserved: "2021-05-12T00:00:00", dateUpdated: "2024-08-03T23:25:31.090Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37920
Vulnerability from cvelistv5
Published
2023-07-25 20:45
Modified
2025-02-13 17:01
Severity ?
EPSS score ?
Summary
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store.
References
▼ | URL | Tags |
---|---|---|
https://github.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7 | x_refsource_CONFIRM | |
https://github.com/certifi/python-certifi/commit/8fb96ed81f71e7097ed11bc4d9b19afd7ea5c909 | x_refsource_MISC | |
https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/C-HrP1SEq1A | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EX6NG7WUFNUKGFHLM35KHHU3GAKXRTG/ |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
certifi | python-certifi |
Version: >= 2015.04.28, < 2023.07.22 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-09-12T16:02:55.011Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7", }, { name: "https://github.com/certifi/python-certifi/commit/8fb96ed81f71e7097ed11bc4d9b19afd7ea5c909", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/certifi/python-certifi/commit/8fb96ed81f71e7097ed11bc4d9b19afd7ea5c909", }, { name: "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/C-HrP1SEq1A", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/C-HrP1SEq1A", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EX6NG7WUFNUKGFHLM35KHHU3GAKXRTG/", }, { url: "https://security.netapp.com/advisory/ntap-20240912-0002/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "python-certifi", vendor: "certifi", versions: [ { status: "affected", version: ">= 2015.04.28, < 2023.07.22", }, ], }, ], descriptions: [ { lang: "en", value: "Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes \"e-Tugra\" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from \"e-Tugra\" from the root store.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-345", description: "CWE-345: Insufficient Verification of Data Authenticity", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-12T05:07:57.236Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7", }, { name: "https://github.com/certifi/python-certifi/commit/8fb96ed81f71e7097ed11bc4d9b19afd7ea5c909", tags: [ "x_refsource_MISC", ], url: "https://github.com/certifi/python-certifi/commit/8fb96ed81f71e7097ed11bc4d9b19afd7ea5c909", }, { name: "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/C-HrP1SEq1A", tags: [ "x_refsource_MISC", ], url: "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/C-HrP1SEq1A", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EX6NG7WUFNUKGFHLM35KHHU3GAKXRTG/", }, ], source: { advisory: "GHSA-xqr8-7jwr-rhp7", discovery: "UNKNOWN", }, title: "Certifi's removal of e-Tugra root certificate", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2023-37920", datePublished: "2023-07-25T20:45:35.286Z", dateReserved: "2023-07-10T17:51:29.612Z", dateUpdated: "2025-02-13T17:01:37.615Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-3671
Vulnerability from cvelistv5
Published
2021-10-12 00:00
Modified
2024-08-03 17:01
Severity ?
EPSS score ?
Summary
A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2013080%2C | ||
https://bugzilla.samba.org/show_bug.cgi?id=14770%2C | ||
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a | ||
https://www.debian.org/security/2022/dsa-5287 | vendor-advisory | |
https://lists.debian.org/debian-lts-announce/2022/11/msg00034.html | mailing-list | |
https://security.netapp.com/advisory/ntap-20221215-0002/ | ||
https://security.netapp.com/advisory/ntap-20230216-0008/ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:01:07.967Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2013080%2C", }, { tags: [ "x_transferred", ], url: "https://bugzilla.samba.org/show_bug.cgi?id=14770%2C", }, { tags: [ "x_transferred", ], url: "https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a", }, { name: "DSA-5287", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5287", }, { name: "[debian-lts-announce] 20221126 [SECURITY] [DLA 3206-1] heimdal security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/11/msg00034.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20221215-0002/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230216-0008/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Samba", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in samba 4.13.12, samba 4.14.8", }, ], }, ], descriptions: [ { lang: "en", value: "A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-16T00:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { url: "https://bugzilla.redhat.com/show_bug.cgi?id=2013080%2C", }, { url: "https://bugzilla.samba.org/show_bug.cgi?id=14770%2C", }, { url: "https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a", }, { name: "DSA-5287", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5287", }, { name: "[debian-lts-announce] 20221126 [SECURITY] [DLA 3206-1] heimdal security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/11/msg00034.html", }, { url: "https://security.netapp.com/advisory/ntap-20221215-0002/", }, { url: "https://security.netapp.com/advisory/ntap-20230216-0008/", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2021-3671", datePublished: "2021-10-12T00:00:00", dateReserved: "2021-07-30T00:00:00", dateUpdated: "2024-08-03T17:01:07.967Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-24735
Vulnerability from cvelistv5
Published
2022-04-27 19:43
Modified
2024-08-03 04:20
Severity ?
EPSS score ?
Summary
Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the (potentially higher) privileges of another Redis user. The Lua script execution environment in Redis provides some measures that prevent a script from creating side effects that persist and can affect the execution of the same, or different script, at a later time. Several weaknesses of these measures have been publicly known for a long time, but they had no security impact as the Redis security model did not endorse the concept of users or privileges. With the introduction of ACLs in Redis 6.0, these weaknesses can be exploited by a less privileged users to inject Lua code that will execute at a later time, when a privileged user executes a Lua script. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules.
References
▼ | URL | Tags |
---|---|---|
https://github.com/redis/redis/security/advisories/GHSA-647m-2wmq-qmvq | x_refsource_CONFIRM | |
https://github.com/redis/redis/pull/10651 | x_refsource_MISC | |
https://github.com/redis/redis/releases/tag/6.2.7 | x_refsource_MISC | |
https://github.com/redis/redis/releases/tag/7.0.0 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPYKSG7LKUJGVM2P72EHXKVRVRWHLORX/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSTPUCAPBRHIFPSCOURR4OYX4E2OISAF/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4ZK3675DGHVVDOFLJN7WX6YYH27GPMK/ | vendor-advisory, x_refsource_FEDORA | |
https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20220715-0003/ | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/202209-17 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:20:50.279Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/redis/redis/security/advisories/GHSA-647m-2wmq-qmvq", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/redis/redis/pull/10651", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/redis/redis/releases/tag/6.2.7", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/redis/redis/releases/tag/7.0.0", }, { name: "FEDORA-2022-6ed1ce2838", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPYKSG7LKUJGVM2P72EHXKVRVRWHLORX/", }, { name: "FEDORA-2022-a0a4c7eb31", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSTPUCAPBRHIFPSCOURR4OYX4E2OISAF/", }, { name: "FEDORA-2022-44373f6778", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4ZK3675DGHVVDOFLJN7WX6YYH27GPMK/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220715-0003/", }, { name: "GLSA-202209-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202209-17", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "redis", vendor: "redis", versions: [ { status: "affected", version: "< 7.0.0", }, { status: "affected", version: ">= 6.0.0, < 6.2.7", }, ], }, ], descriptions: [ { lang: "en", value: "Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the (potentially higher) privileges of another Redis user. The Lua script execution environment in Redis provides some measures that prevent a script from creating side effects that persist and can affect the execution of the same, or different script, at a later time. Several weaknesses of these measures have been publicly known for a long time, but they had no security impact as the Redis security model did not endorse the concept of users or privileges. With the introduction of ACLs in Redis 6.0, these weaknesses can be exploited by a less privileged users to inject Lua code that will execute at a later time, when a privileged user executes a Lua script. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-94", description: "CWE-94 Improper Control of Generation of Code ('Code Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-29T16:07:33", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/redis/redis/security/advisories/GHSA-647m-2wmq-qmvq", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/redis/redis/pull/10651", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/redis/redis/releases/tag/6.2.7", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/redis/redis/releases/tag/7.0.0", }, { name: "FEDORA-2022-6ed1ce2838", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPYKSG7LKUJGVM2P72EHXKVRVRWHLORX/", }, { name: "FEDORA-2022-a0a4c7eb31", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSTPUCAPBRHIFPSCOURR4OYX4E2OISAF/", }, { name: "FEDORA-2022-44373f6778", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4ZK3675DGHVVDOFLJN7WX6YYH27GPMK/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220715-0003/", }, { name: "GLSA-202209-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202209-17", }, ], source: { advisory: "GHSA-647m-2wmq-qmvq", discovery: "UNKNOWN", }, title: "Lua scripts can be manipulated to overcome ACL rules in Redis", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2022-24735", STATE: "PUBLIC", TITLE: "Lua scripts can be manipulated to overcome ACL rules in Redis", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "redis", version: { version_data: [ { version_value: "< 7.0.0", }, { version_value: ">= 6.0.0, < 6.2.7", }, ], }, }, ], }, vendor_name: "redis", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the (potentially higher) privileges of another Redis user. The Lua script execution environment in Redis provides some measures that prevent a script from creating side effects that persist and can affect the execution of the same, or different script, at a later time. Several weaknesses of these measures have been publicly known for a long time, but they had no security impact as the Redis security model did not endorse the concept of users or privileges. With the introduction of ACLs in Redis 6.0, these weaknesses can be exploited by a less privileged users to inject Lua code that will execute at a later time, when a privileged user executes a Lua script. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-94 Improper Control of Generation of Code ('Code Injection')", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/redis/redis/security/advisories/GHSA-647m-2wmq-qmvq", refsource: "CONFIRM", url: "https://github.com/redis/redis/security/advisories/GHSA-647m-2wmq-qmvq", }, { name: "https://github.com/redis/redis/pull/10651", refsource: "MISC", url: "https://github.com/redis/redis/pull/10651", }, { name: "https://github.com/redis/redis/releases/tag/6.2.7", refsource: "MISC", url: "https://github.com/redis/redis/releases/tag/6.2.7", }, { name: "https://github.com/redis/redis/releases/tag/7.0.0", refsource: "MISC", url: "https://github.com/redis/redis/releases/tag/7.0.0", }, { name: "FEDORA-2022-6ed1ce2838", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPYKSG7LKUJGVM2P72EHXKVRVRWHLORX/", }, { name: "FEDORA-2022-a0a4c7eb31", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSTPUCAPBRHIFPSCOURR4OYX4E2OISAF/", }, { name: "FEDORA-2022-44373f6778", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J4ZK3675DGHVVDOFLJN7WX6YYH27GPMK/", }, { name: "https://www.oracle.com/security-alerts/cpujul2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "https://security.netapp.com/advisory/ntap-20220715-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220715-0003/", }, { name: "GLSA-202209-17", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202209-17", }, ], }, source: { advisory: "GHSA-647m-2wmq-qmvq", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-24735", datePublished: "2022-04-27T19:43:27", dateReserved: "2022-02-10T00:00:00", dateUpdated: "2024-08-03T04:20:50.279Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-32675
Vulnerability from cvelistv5
Published
2021-10-04 17:50
Modified
2024-08-03 23:25
Severity ?
EPSS score ?
Summary
Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol (RESP) request, Redis allocates memory according to user-specified values which determine the number of elements (in the multi-bulk header) and size of each element (in the bulk header). An attacker delivering specially crafted requests over multiple connections can cause the server to allocate significant amount of memory. Because the same parsing mechanism is used to handle authentication requests, this vulnerability can also be exploited by unauthenticated users. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14. An additional workaround to mitigate this problem without patching the redis-server executable is to block access to prevent unauthenticated users from connecting to Redis. This can be done in different ways: Using network access control tools like firewalls, iptables, security groups, etc. or Enabling TLS and requiring users to authenticate using client side certificates.
References
▼ | URL | Tags |
---|---|---|
https://github.com/redis/redis/security/advisories/GHSA-f6pw-v9gw-v64p | x_refsource_CONFIRM | |
https://github.com/redis/redis/commit/5674b0057ff2903d43eaff802017eddf37c360f8 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.apache.org/thread.html/ra603ff6e04549d7f290f61f9b11e2d2e4dba693b05ff053f4ec6bc47%40%3Cnotifications.geode.apache.org%3E | mailing-list, x_refsource_MLIST | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2021/dsa-5001 | vendor-advisory, x_refsource_DEBIAN | |
https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20211104-0003/ | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/202209-17 | vendor-advisory, x_refsource_GENTOO |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:25:31.170Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/redis/redis/security/advisories/GHSA-f6pw-v9gw-v64p", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/redis/redis/commit/5674b0057ff2903d43eaff802017eddf37c360f8", }, { name: "FEDORA-2021-8913c7900c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "[geode-notifications] 20211013 [GitHub] [geode] jdeppe-pivotal opened a new pull request #6994: GEODE-9676: Limit array and string sizes for unauthenticated Radish connections", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/ra603ff6e04549d7f290f61f9b11e2d2e4dba693b05ff053f4ec6bc47%40%3Cnotifications.geode.apache.org%3E", }, { name: "FEDORA-2021-aa94492a09", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202209-17", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "redis", vendor: "redis", versions: [ { status: "affected", version: "< 5.0.14", }, { status: "affected", version: ">= 6.0.0, < 6.0.16", }, { status: "affected", version: ">= 6.2.0, < 6.2.6", }, ], }, ], descriptions: [ { lang: "en", value: "Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol (RESP) request, Redis allocates memory according to user-specified values which determine the number of elements (in the multi-bulk header) and size of each element (in the bulk header). An attacker delivering specially crafted requests over multiple connections can cause the server to allocate significant amount of memory. Because the same parsing mechanism is used to handle authentication requests, this vulnerability can also be exploited by unauthenticated users. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14. An additional workaround to mitigate this problem without patching the redis-server executable is to block access to prevent unauthenticated users from connecting to Redis. This can be done in different ways: Using network access control tools like firewalls, iptables, security groups, etc. or Enabling TLS and requiring users to authenticate using client side certificates.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-770", description: "CWE-770: Allocation of Resources Without Limits or Throttling", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-29T16:07:35", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/redis/redis/security/advisories/GHSA-f6pw-v9gw-v64p", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/redis/redis/commit/5674b0057ff2903d43eaff802017eddf37c360f8", }, { name: "FEDORA-2021-8913c7900c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "[geode-notifications] 20211013 [GitHub] [geode] jdeppe-pivotal opened a new pull request #6994: GEODE-9676: Limit array and string sizes for unauthenticated Radish connections", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/ra603ff6e04549d7f290f61f9b11e2d2e4dba693b05ff053f4ec6bc47%40%3Cnotifications.geode.apache.org%3E", }, { name: "FEDORA-2021-aa94492a09", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202209-17", }, ], source: { advisory: "GHSA-f6pw-v9gw-v64p", discovery: "UNKNOWN", }, title: "DoS vulnerability in Redis", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2021-32675", STATE: "PUBLIC", TITLE: "DoS vulnerability in Redis", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "redis", version: { version_data: [ { version_value: "< 5.0.14", }, { version_value: ">= 6.0.0, < 6.0.16", }, { version_value: ">= 6.2.0, < 6.2.6", }, ], }, }, ], }, vendor_name: "redis", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol (RESP) request, Redis allocates memory according to user-specified values which determine the number of elements (in the multi-bulk header) and size of each element (in the bulk header). An attacker delivering specially crafted requests over multiple connections can cause the server to allocate significant amount of memory. Because the same parsing mechanism is used to handle authentication requests, this vulnerability can also be exploited by unauthenticated users. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14. An additional workaround to mitigate this problem without patching the redis-server executable is to block access to prevent unauthenticated users from connecting to Redis. This can be done in different ways: Using network access control tools like firewalls, iptables, security groups, etc. or Enabling TLS and requiring users to authenticate using client side certificates.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-770: Allocation of Resources Without Limits or Throttling", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/redis/redis/security/advisories/GHSA-f6pw-v9gw-v64p", refsource: "CONFIRM", url: "https://github.com/redis/redis/security/advisories/GHSA-f6pw-v9gw-v64p", }, { name: "https://github.com/redis/redis/commit/5674b0057ff2903d43eaff802017eddf37c360f8", refsource: "MISC", url: "https://github.com/redis/redis/commit/5674b0057ff2903d43eaff802017eddf37c360f8", }, { name: "FEDORA-2021-8913c7900c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "[geode-notifications] 20211013 [GitHub] [geode] jdeppe-pivotal opened a new pull request #6994: GEODE-9676: Limit array and string sizes for unauthenticated Radish connections", refsource: "MLIST", url: "https://lists.apache.org/thread.html/ra603ff6e04549d7f290f61f9b11e2d2e4dba693b05ff053f4ec6bc47@%3Cnotifications.geode.apache.org%3E", }, { name: "FEDORA-2021-aa94492a09", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-5001", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://security.netapp.com/advisory/ntap-20211104-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202209-17", }, ], }, source: { advisory: "GHSA-f6pw-v9gw-v64p", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-32675", datePublished: "2021-10-04T17:50:11", dateReserved: "2021-05-12T00:00:00", dateUpdated: "2024-08-03T23:25:31.170Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-32627
Vulnerability from cvelistv5
Published
2021-10-04 17:35
Modified
2024-08-03 23:25
Severity ?
EPSS score ?
Summary
Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves changing the default proto-max-bulk-len and client-query-buffer-limit configuration parameters to very large values and constructing specially crafted very large stream elements. The problem is fixed in Redis 6.2.6, 6.0.16 and 5.0.14. For users unable to upgrade an additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the proto-max-bulk-len configuration parameter. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.
References
▼ | URL | Tags |
---|---|---|
https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3 | x_refsource_MISC | |
https://github.com/redis/redis/security/advisories/GHSA-f434-69fm-g45v | x_refsource_CONFIRM | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2021/dsa-5001 | vendor-advisory, x_refsource_DEBIAN | |
https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20211104-0003/ | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/202209-17 | vendor-advisory, x_refsource_GENTOO |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:25:30.868Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/redis/redis/security/advisories/GHSA-f434-69fm-g45v", }, { name: "FEDORA-2021-8913c7900c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "FEDORA-2021-aa94492a09", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202209-17", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "redis", vendor: "redis", versions: [ { status: "affected", version: ">= 5.0.0, < 5.0.14", }, { status: "affected", version: ">= 6.0.0, < 6.0.16", }, { status: "affected", version: ">= 6.2.0, < 6.2.6", }, ], }, ], descriptions: [ { lang: "en", value: "Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves changing the default proto-max-bulk-len and client-query-buffer-limit configuration parameters to very large values and constructing specially crafted very large stream elements. The problem is fixed in Redis 6.2.6, 6.0.16 and 5.0.14. For users unable to upgrade an additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the proto-max-bulk-len configuration parameter. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190: Integer Overflow or Wraparound", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-680", description: "CWE-680: Integer Overflow to Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-29T16:07:28", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/redis/redis/security/advisories/GHSA-f434-69fm-g45v", }, { name: "FEDORA-2021-8913c7900c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "FEDORA-2021-aa94492a09", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202209-17", }, ], source: { advisory: "GHSA-f434-69fm-g45v", discovery: "UNKNOWN", }, title: "Integer overflow issue with Streams in Redis", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2021-32627", STATE: "PUBLIC", TITLE: "Integer overflow issue with Streams in Redis", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "redis", version: { version_data: [ { version_value: ">= 5.0.0, < 5.0.14", }, { version_value: ">= 6.0.0, < 6.0.16", }, { version_value: ">= 6.2.0, < 6.2.6", }, ], }, }, ], }, vendor_name: "redis", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves changing the default proto-max-bulk-len and client-query-buffer-limit configuration parameters to very large values and constructing specially crafted very large stream elements. The problem is fixed in Redis 6.2.6, 6.0.16 and 5.0.14. For users unable to upgrade an additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the proto-max-bulk-len configuration parameter. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-190: Integer Overflow or Wraparound", }, ], }, { description: [ { lang: "eng", value: "CWE-680: Integer Overflow to Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3", refsource: "MISC", url: "https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3", }, { name: "https://github.com/redis/redis/security/advisories/GHSA-f434-69fm-g45v", refsource: "CONFIRM", url: "https://github.com/redis/redis/security/advisories/GHSA-f434-69fm-g45v", }, { name: "FEDORA-2021-8913c7900c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "FEDORA-2021-aa94492a09", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-5001", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://security.netapp.com/advisory/ntap-20211104-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202209-17", }, ], }, source: { advisory: "GHSA-f434-69fm-g45v", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-32627", datePublished: "2021-10-04T17:35:16", dateReserved: "2021-05-12T00:00:00", dateUpdated: "2024-08-03T23:25:30.868Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38023
Vulnerability from cvelistv5
Published
2022-11-09 00:00
Modified
2025-01-02 21:31
Severity ?
EPSS score ?
Summary
Netlogon RPC Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Windows Server 2019 |
Version: 10.0.17763.0 < 10.0.17763.4645 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:37:42.627Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "Netlogon RPC Elevation of Privilege Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023", }, { tags: [ "x_transferred", ], url: "https://security.gentoo.org/glsa/202309-06", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "x64-based Systems", ], product: "Windows Server 2019", vendor: "Microsoft", versions: [ { lessThan: "10.0.17763.4645", status: "affected", version: "10.0.17763.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2019 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "10.0.17763.4645", status: "affected", version: "10.0.17763.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2022", vendor: "Microsoft", versions: [ { lessThan: "10.0.20348.1850", status: "affected", version: "10.0.20348.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2016", vendor: "Microsoft", versions: [ { lessThan: "10.0.14393.6085", status: "affected", version: "10.0.14393.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2016 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "10.0.14393.6085", status: "affected", version: "10.0.14393.0", versionType: "custom", }, ], }, { platforms: [ "32-bit Systems", ], product: "Windows Server 2008 Service Pack 2", vendor: "Microsoft", versions: [ { lessThan: "6.0.6003.22175", status: "affected", version: "6.0.6003.0", versionType: "custom", }, ], }, { platforms: [ "32-bit Systems", "x64-based Systems", ], product: "Windows Server 2008 Service Pack 2 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "6.0.6003.22175", status: "affected", version: "6.0.6003.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2008 Service Pack 2", vendor: "Microsoft", versions: [ { lessThan: "6.0.6003.22175", status: "affected", version: "6.0.6003.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2008 R2 Service Pack 1", vendor: "Microsoft", versions: [ { lessThan: "6.1.7601.26623", status: "affected", version: "6.1.7601.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "6.1.7601.26623", status: "affected", version: "6.1.7601.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2012", vendor: "Microsoft", versions: [ { lessThan: "6.2.9200.24374", status: "affected", version: "6.2.9200.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2012 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "6.2.9200.24374", status: "affected", version: "6.2.9200.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2012 R2", vendor: "Microsoft", versions: [ { lessThan: "6.3.9600.21063", status: "affected", version: "6.3.9600.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2012 R2 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "6.3.9600.21063", status: "affected", version: "6.3.9600.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.17763.4645", versionStartIncluding: "10.0.17763.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.17763.4645", versionStartIncluding: "10.0.17763.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.20348.1850", versionStartIncluding: "10.0.20348.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.14393.6085", versionStartIncluding: "10.0.14393.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.14393.6085", versionStartIncluding: "10.0.14393.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", versionEndExcluding: "6.0.6003.22175", versionStartIncluding: "6.0.6003.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*", versionEndExcluding: "6.0.6003.22175", versionStartIncluding: "6.0.6003.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*", versionEndExcluding: "6.0.6003.22175", versionStartIncluding: "6.0.6003.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", versionEndExcluding: "6.1.7601.26623", versionStartIncluding: "6.1.7601.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", versionEndExcluding: "6.1.7601.26623", versionStartIncluding: "6.1.7601.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", versionEndExcluding: "6.2.9200.24374", versionStartIncluding: "6.2.9200.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", versionEndExcluding: "6.2.9200.24374", versionStartIncluding: "6.2.9200.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", versionEndExcluding: "6.3.9600.21063", versionStartIncluding: "6.3.9600.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", versionEndExcluding: "6.3.9600.21063", versionStartIncluding: "6.3.9600.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-11-08T08:00:00+00:00", descriptions: [ { lang: "en-US", value: "Netlogon RPC Elevation of Privilege Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T21:31:19.695Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: "Netlogon RPC Elevation of Privilege Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023", }, ], title: "Netlogon RPC Elevation of Privilege Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-38023", datePublished: "2022-11-09T00:00:00", dateReserved: "2022-08-08T00:00:00", dateUpdated: "2025-01-02T21:31:19.695Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-32628
Vulnerability from cvelistv5
Published
2021-10-04 17:35
Modified
2024-08-03 23:25
Severity ?
EPSS score ?
Summary
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the ziplist data structure used by all versions of Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves modifying the default ziplist configuration parameters (hash-max-ziplist-entries, hash-max-ziplist-value, zset-max-ziplist-entries or zset-max-ziplist-value) to a very large value, and then constructing specially crafted commands to create very large ziplists. The problem is fixed in Redis versions 6.2.6, 6.0.16, 5.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the above configuration parameters. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.
References
▼ | URL | Tags |
---|---|---|
https://github.com/redis/redis/security/advisories/GHSA-vw22-qm3h-49pr | x_refsource_CONFIRM | |
https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2021/dsa-5001 | vendor-advisory, x_refsource_DEBIAN | |
https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20211104-0003/ | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/202209-17 | vendor-advisory, x_refsource_GENTOO |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:25:30.918Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/redis/redis/security/advisories/GHSA-vw22-qm3h-49pr", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3", }, { name: "FEDORA-2021-8913c7900c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "FEDORA-2021-aa94492a09", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202209-17", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "redis", vendor: "redis", versions: [ { status: "affected", version: ">= 6.2.0, < 6.2.6", }, { status: "affected", version: ">= 6.0.0, < 6.0.16", }, { status: "affected", version: "< 5.0.14", }, ], }, ], descriptions: [ { lang: "en", value: "Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the ziplist data structure used by all versions of Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves modifying the default ziplist configuration parameters (hash-max-ziplist-entries, hash-max-ziplist-value, zset-max-ziplist-entries or zset-max-ziplist-value) to a very large value, and then constructing specially crafted commands to create very large ziplists. The problem is fixed in Redis versions 6.2.6, 6.0.16, 5.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the above configuration parameters. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190: Integer Overflow or Wraparound", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-680", description: "CWE-680: Integer Overflow to Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-29T16:07:46", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/redis/redis/security/advisories/GHSA-vw22-qm3h-49pr", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3", }, { name: "FEDORA-2021-8913c7900c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "FEDORA-2021-aa94492a09", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202209-17", }, ], source: { advisory: "GHSA-vw22-qm3h-49pr", discovery: "UNKNOWN", }, title: "Vulnerability in handling large ziplists", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2021-32628", STATE: "PUBLIC", TITLE: "Vulnerability in handling large ziplists", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "redis", version: { version_data: [ { version_value: ">= 6.2.0, < 6.2.6", }, { version_value: ">= 6.0.0, < 6.0.16", }, { version_value: "< 5.0.14", }, ], }, }, ], }, vendor_name: "redis", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the ziplist data structure used by all versions of Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves modifying the default ziplist configuration parameters (hash-max-ziplist-entries, hash-max-ziplist-value, zset-max-ziplist-entries or zset-max-ziplist-value) to a very large value, and then constructing specially crafted commands to create very large ziplists. The problem is fixed in Redis versions 6.2.6, 6.0.16, 5.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from modifying the above configuration parameters. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-190: Integer Overflow or Wraparound", }, ], }, { description: [ { lang: "eng", value: "CWE-680: Integer Overflow to Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/redis/redis/security/advisories/GHSA-vw22-qm3h-49pr", refsource: "CONFIRM", url: "https://github.com/redis/redis/security/advisories/GHSA-vw22-qm3h-49pr", }, { name: "https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3", refsource: "MISC", url: "https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3", }, { name: "FEDORA-2021-8913c7900c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "FEDORA-2021-aa94492a09", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-5001", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://security.netapp.com/advisory/ntap-20211104-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202209-17", }, ], }, source: { advisory: "GHSA-vw22-qm3h-49pr", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-32628", datePublished: "2021-10-04T17:35:11", dateReserved: "2021-05-12T00:00:00", dateUpdated: "2024-08-03T23:25:30.918Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-32672
Vulnerability from cvelistv5
Published
2021-10-04 17:40
Modified
2024-08-03 23:25
Severity ?
EPSS score ?
Summary
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14.
References
▼ | URL | Tags |
---|---|---|
https://github.com/redis/redis/security/advisories/GHSA-9mj9-xx53-qmxm | x_refsource_CONFIRM | |
https://github.com/redis/redis/commit/6ac3c0b7abd35f37201ed2d6298ecef4ea1ae1dd | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2021/dsa-5001 | vendor-advisory, x_refsource_DEBIAN | |
https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20211104-0003/ | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/202209-17 | vendor-advisory, x_refsource_GENTOO |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:25:31.094Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/redis/redis/security/advisories/GHSA-9mj9-xx53-qmxm", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/redis/redis/commit/6ac3c0b7abd35f37201ed2d6298ecef4ea1ae1dd", }, { name: "FEDORA-2021-8913c7900c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "FEDORA-2021-aa94492a09", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202209-17", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "redis", vendor: "redis", versions: [ { status: "affected", version: ">= 3.2.0, < 5.0.14", }, { status: "affected", version: ">= 6.0.0, < 6.0.16", }, { status: "affected", version: ">= 6.0.0, < 6.2.6", }, ], }, ], descriptions: [ { lang: "en", value: "Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-29T16:07:41", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/redis/redis/security/advisories/GHSA-9mj9-xx53-qmxm", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/redis/redis/commit/6ac3c0b7abd35f37201ed2d6298ecef4ea1ae1dd", }, { name: "FEDORA-2021-8913c7900c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "FEDORA-2021-aa94492a09", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202209-17", }, ], source: { advisory: "GHSA-9mj9-xx53-qmxm", discovery: "UNKNOWN", }, title: "Vulnerability in Lua Debugger in Redis", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2021-32672", STATE: "PUBLIC", TITLE: "Vulnerability in Lua Debugger in Redis", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "redis", version: { version_data: [ { version_value: ">= 3.2.0, < 5.0.14", }, { version_value: ">= 6.0.0, < 6.0.16", }, { version_value: ">= 6.0.0, < 6.2.6", }, ], }, }, ], }, vendor_name: "redis", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125: Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/redis/redis/security/advisories/GHSA-9mj9-xx53-qmxm", refsource: "CONFIRM", url: "https://github.com/redis/redis/security/advisories/GHSA-9mj9-xx53-qmxm", }, { name: "https://github.com/redis/redis/commit/6ac3c0b7abd35f37201ed2d6298ecef4ea1ae1dd", refsource: "MISC", url: "https://github.com/redis/redis/commit/6ac3c0b7abd35f37201ed2d6298ecef4ea1ae1dd", }, { name: "FEDORA-2021-8913c7900c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "FEDORA-2021-aa94492a09", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-5001", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://security.netapp.com/advisory/ntap-20211104-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202209-17", }, ], }, source: { advisory: "GHSA-9mj9-xx53-qmxm", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-32672", datePublished: "2021-10-04T17:40:10", dateReserved: "2021-05-12T00:00:00", dateUpdated: "2024-08-03T23:25:31.094Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-32762
Vulnerability from cvelistv5
Published
2021-10-04 18:00
Modified
2024-08-03 23:33
Severity ?
EPSS score ?
Summary
Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlying hiredis library which does not perform an overflow check before calling the calloc() heap allocation function. This issue only impacts systems with heap allocators that do not perform their own overflow checks. Most modern systems do and are therefore not likely to be affected. Furthermore, by default redis-sentinel uses the jemalloc allocator which is also not vulnerable. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14.
References
▼ | URL | Tags |
---|---|---|
https://github.com/redis/redis/security/advisories/GHSA-833w-8v3m-8wwr | x_refsource_CONFIRM | |
https://github.com/redis/redis/commit/0215324a66af949be39b34be2d55143232c1cb71 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2021/dsa-5001 | vendor-advisory, x_refsource_DEBIAN | |
https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20211104-0003/ | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/202209-17 | vendor-advisory, x_refsource_GENTOO |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:33:55.894Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/redis/redis/security/advisories/GHSA-833w-8v3m-8wwr", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/redis/redis/commit/0215324a66af949be39b34be2d55143232c1cb71", }, { name: "FEDORA-2021-8913c7900c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "FEDORA-2021-aa94492a09", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202209-17", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "redis", vendor: "redis", versions: [ { status: "affected", version: "< 5.0.14", }, { status: "affected", version: ">= 6.0.0, < 6.0.16", }, { status: "affected", version: ">= 6.2.0, < 6.2.6", }, ], }, ], descriptions: [ { lang: "en", value: "Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlying hiredis library which does not perform an overflow check before calling the calloc() heap allocation function. This issue only impacts systems with heap allocators that do not perform their own overflow checks. Most modern systems do and are therefore not likely to be affected. Furthermore, by default redis-sentinel uses the jemalloc allocator which is also not vulnerable. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190: Integer Overflow or Wraparound", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-680", description: "CWE-680: Integer Overflow to Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-29T16:07:31", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/redis/redis/security/advisories/GHSA-833w-8v3m-8wwr", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/redis/redis/commit/0215324a66af949be39b34be2d55143232c1cb71", }, { name: "FEDORA-2021-8913c7900c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "FEDORA-2021-aa94492a09", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202209-17", }, ], source: { advisory: "GHSA-833w-8v3m-8wwr", discovery: "UNKNOWN", }, title: "Integer overflow that can lead to heap overflow in redis-cli, redis-sentinel on some platforms", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2021-32762", STATE: "PUBLIC", TITLE: "Integer overflow that can lead to heap overflow in redis-cli, redis-sentinel on some platforms", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "redis", version: { version_data: [ { version_value: "< 5.0.14", }, { version_value: ">= 6.0.0, < 6.0.16", }, { version_value: ">= 6.2.0, < 6.2.6", }, ], }, }, ], }, vendor_name: "redis", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlying hiredis library which does not perform an overflow check before calling the calloc() heap allocation function. This issue only impacts systems with heap allocators that do not perform their own overflow checks. Most modern systems do and are therefore not likely to be affected. Furthermore, by default redis-sentinel uses the jemalloc allocator which is also not vulnerable. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-190: Integer Overflow or Wraparound", }, ], }, { description: [ { lang: "eng", value: "CWE-680: Integer Overflow to Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/redis/redis/security/advisories/GHSA-833w-8v3m-8wwr", refsource: "CONFIRM", url: "https://github.com/redis/redis/security/advisories/GHSA-833w-8v3m-8wwr", }, { name: "https://github.com/redis/redis/commit/0215324a66af949be39b34be2d55143232c1cb71", refsource: "MISC", url: "https://github.com/redis/redis/commit/0215324a66af949be39b34be2d55143232c1cb71", }, { name: "FEDORA-2021-8913c7900c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "FEDORA-2021-aa94492a09", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-5001", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://security.netapp.com/advisory/ntap-20211104-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202209-17", }, ], }, source: { advisory: "GHSA-833w-8v3m-8wwr", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-32762", datePublished: "2021-10-04T18:00:11", dateReserved: "2021-05-12T00:00:00", dateUpdated: "2024-08-03T23:33:55.894Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-36033
Vulnerability from cvelistv5
Published
2022-08-29 00:00
Modified
2024-08-03 09:51
Severity ?
EPSS score ?
Summary
jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading: - disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs - ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:51:59.964Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369", }, { tags: [ "x_transferred", ], url: "https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3", }, { tags: [ "x_transferred", ], url: "https://jsoup.org/news/release-1.15.3", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20221104-0006/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "jsoup", vendor: "jhy", versions: [ { status: "affected", version: "< 1.15.3", }, ], }, ], descriptions: [ { lang: "en", value: "jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading: - disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs - ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-87", description: "CWE-87: Improper Neutralization of Alternate XSS Syntax", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-79", description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-11-04T00:00:00", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369", }, { url: "https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3", }, { url: "https://jsoup.org/news/release-1.15.3", }, { url: "https://security.netapp.com/advisory/ntap-20221104-0006/", }, ], source: { advisory: "GHSA-gp7f-rwcx-9369", discovery: "UNKNOWN", }, title: "jsoup may not sanitize Cross-Site Scripting (XSS) attempts if SafeList.preserveRelativeLinks is enabled", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-36033", datePublished: "2022-08-29T00:00:00", dateReserved: "2022-07-15T00:00:00", dateUpdated: "2024-08-03T09:51:59.964Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-32626
Vulnerability from cvelistv5
Published
2021-10-04 17:30
Modified
2024-08-03 23:25
Severity ?
EPSS score ?
Summary
Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and potentially remote code execution. This problem exists in all versions of Redis with Lua scripting support, starting from 2.6. The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14. For users unable to update an additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands.
References
▼ | URL | Tags |
---|---|---|
https://github.com/redis/redis/security/advisories/GHSA-p486-xggp-782c | x_refsource_CONFIRM | |
https://github.com/redis/redis/commit/666ed7facf4524bf6d19b11b20faa2cf93fdf591 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.apache.org/thread.html/r75490c61c2cb7b6ae2c81238fd52ae13636c60435abcd732d41531a0%40%3Ccommits.druid.apache.org%3E | mailing-list, x_refsource_MLIST | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2021/dsa-5001 | vendor-advisory, x_refsource_DEBIAN | |
https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20211104-0003/ | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/202209-17 | vendor-advisory, x_refsource_GENTOO |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:25:30.986Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/redis/redis/security/advisories/GHSA-p486-xggp-782c", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/redis/redis/commit/666ed7facf4524bf6d19b11b20faa2cf93fdf591", }, { name: "FEDORA-2021-8913c7900c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "[druid-commits] 20211025 [GitHub] [druid] jihoonson opened a new pull request #11844: Bump netty4 to 4.1.68; suppress CVE-2021-37136 and CVE-2021-37137 for netty3", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r75490c61c2cb7b6ae2c81238fd52ae13636c60435abcd732d41531a0%40%3Ccommits.druid.apache.org%3E", }, { name: "FEDORA-2021-aa94492a09", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202209-17", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "redis", vendor: "redis", versions: [ { status: "affected", version: ">= 6.2.0, < 6.2.6", }, { status: "affected", version: ">= 6.0.0, < 6.0.16", }, { status: "affected", version: ">= 2.6.0, < 5.0.14", }, ], }, ], descriptions: [ { lang: "en", value: "Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and potentially remote code execution. This problem exists in all versions of Redis with Lua scripting support, starting from 2.6. The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14. For users unable to update an additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "CWE-122: Heap-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-29T16:07:36", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/redis/redis/security/advisories/GHSA-p486-xggp-782c", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/redis/redis/commit/666ed7facf4524bf6d19b11b20faa2cf93fdf591", }, { name: "FEDORA-2021-8913c7900c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "[druid-commits] 20211025 [GitHub] [druid] jihoonson opened a new pull request #11844: Bump netty4 to 4.1.68; suppress CVE-2021-37136 and CVE-2021-37137 for netty3", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r75490c61c2cb7b6ae2c81238fd52ae13636c60435abcd732d41531a0%40%3Ccommits.druid.apache.org%3E", }, { name: "FEDORA-2021-aa94492a09", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-5001", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202209-17", }, ], source: { advisory: "GHSA-p486-xggp-782c", discovery: "UNKNOWN", }, title: "Lua scripts can overflow the heap-based Lua stack in Redis", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2021-32626", STATE: "PUBLIC", TITLE: "Lua scripts can overflow the heap-based Lua stack in Redis", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "redis", version: { version_data: [ { version_value: ">= 6.2.0, < 6.2.6", }, { version_value: ">= 6.0.0, < 6.0.16", }, { version_value: ">= 2.6.0, < 5.0.14", }, ], }, }, ], }, vendor_name: "redis", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and potentially remote code execution. This problem exists in all versions of Redis with Lua scripting support, starting from 2.6. The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14. For users unable to update an additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-122: Heap-based Buffer Overflow", }, ], }, { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/redis/redis/security/advisories/GHSA-p486-xggp-782c", refsource: "CONFIRM", url: "https://github.com/redis/redis/security/advisories/GHSA-p486-xggp-782c", }, { name: "https://github.com/redis/redis/commit/666ed7facf4524bf6d19b11b20faa2cf93fdf591", refsource: "MISC", url: "https://github.com/redis/redis/commit/666ed7facf4524bf6d19b11b20faa2cf93fdf591", }, { name: "FEDORA-2021-8913c7900c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/", }, { name: "FEDORA-2021-61c487f241", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/", }, { name: "[druid-commits] 20211025 [GitHub] [druid] jihoonson opened a new pull request #11844: Bump netty4 to 4.1.68; suppress CVE-2021-37136 and CVE-2021-37137 for netty3", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r75490c61c2cb7b6ae2c81238fd52ae13636c60435abcd732d41531a0@%3Ccommits.druid.apache.org%3E", }, { name: "FEDORA-2021-aa94492a09", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/", }, { name: "DSA-5001", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-5001", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://security.netapp.com/advisory/ntap-20211104-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20211104-0003/", }, { name: "GLSA-202209-17", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202209-17", }, ], }, source: { advisory: "GHSA-p486-xggp-782c", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-32626", datePublished: "2021-10-04T17:30:11", dateReserved: "2021-05-12T00:00:00", dateUpdated: "2024-08-03T23:25:30.986Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }