CVE-2023-47004

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Nov 6, 2023

Updated: Nov 16, 2023

CWE ID 787

Summary

CVE-2023-47004 is a buffer overflow vulnerability affecting Redis Graph versions 2.x through 2.12.8. An attacker can exploit this issue by providing specially crafted input to the RedisGraph server, causing a buffer to overflow. After successful authentication, the attacker can execute arbitrary code on the vulnerable system, potentially leading to serious security consequences. The vulnerability has been addressed in RedisGraph version 2.12.9.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Redislabs Redisgraph

Affected Vendors

Redis Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tMzDGF
https://www.cve.org/CVERecord?id=CVE-2023-47004
https://nvd.nist.gov/vuln/detail/CVE-2023-47004

Back to Vulnerability Database