Description

Redis is an open source in-memory data structure storage

Redis is designed to be accessed by trusted clients inside trusted environments. It's not recommended to have Redis service publicly accessible.

Remediation

It's recommended to restrict access to this service on production systems

References

Redis Security

Related Vulnerabilities

Laravel Horizon open

WeBid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3815)

WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.27)

[Possible] Internal Path Disclosure (*nix)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0724)

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration