Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-24735

Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the (potentially higher) privileges of another Redis user. The Lua script execution environment in Redis provides some measures that prevent a script from creating side effects that persist and can affect the execution of the same, or different script, at a later time. Several weaknesses of these measures have been publicly known for a long time, but they had no security impact as the Redis security model did not endorse the concept of users or privileges. With the introduction of ACLs in Redis 6.0, these weaknesses can be exploited by a less privileged users to inject Lua code that will execute at a later time, when a privileged user executes a Lua script. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules.

Published

2022-04-27T20:15:09.730

Last Modified

2024-11-21T06:50:58.810

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 3.9 (LOW)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

8.6

Impact Score

6.4

Weaknesses

Type: Secondary
CWE-94
Type: Primary
CWE-94

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	redis	redis	< 6.2.7	Yes
Application	redis	redis	7.0	Yes
Application	redis	redis	7.0	Yes
Application	redis	redis	7.0	Yes
Operating System	fedoraproject	fedora	34	Yes
Operating System	fedoraproject	fedora	35	Yes
Operating System	fedoraproject	fedora	36	Yes
Application	netapp	management_services_for_element_software	-	Yes
Application	netapp	management_services_for_netapp_hci	-	Yes
Application	oracle	communications_operations_monitor	4.3	Yes
Application	oracle	communications_operations_monitor	4.4	Yes
Application	oracle	communications_operations_monitor	5.0	Yes

References

https://github.com/redis/redis/pull/10651 Exploit, Third Party Advisory ([email protected])
https://github.com/redis/redis/releases/tag/6.2.7 Release Notes, Third Party Advisory ([email protected])
https://github.com/redis/redis/releases/tag/7.0.0 Release Notes, Third Party Advisory ([email protected])
https://github.com/redis/redis/security/advisories/GHSA-647m-2wmq-qmvq Third Party Advisory ([email protected])
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4ZK3675DGHVVDOFLJN7WX6YYH27GPMK/ ([email protected])
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPYKSG7LKUJGVM2P72EHXKVRVRWHLORX/ ([email protected])
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSTPUCAPBRHIFPSCOURR4OYX4E2OISAF/ ([email protected])
https://security.gentoo.org/glsa/202209-17 Third Party Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20220715-0003/ Third Party Advisory ([email protected])
https://www.oracle.com/security-alerts/cpujul2022.html Patch, Third Party Advisory ([email protected])
https://github.com/redis/redis/pull/10651 Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/redis/redis/releases/tag/6.2.7 Release Notes, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/redis/redis/releases/tag/7.0.0 Release Notes, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/redis/redis/security/advisories/GHSA-647m-2wmq-qmvq Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4ZK3675DGHVVDOFLJN7WX6YYH27GPMK/ (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPYKSG7LKUJGVM2P72EHXKVRVRWHLORX/ (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSTPUCAPBRHIFPSCOURR4OYX4E2OISAF/ (af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/202209-17 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20220715-0003/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/security-alerts/cpujul2022.html Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)