First published: Mon Nov 06 2023
A buffer overflow vulnerability in Redis RedisGraph v.2.x through v.2.12.8, fixed in v.2.12.9, allows an attacker to execute arbitrary code via the code logic after valid authentication.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Redis RedisGraph | >=2.0.0 <2.12.9 | Update to v.2.12.9 |
The vulnerability ID is CVE-2023-47004.
The title of the vulnerability is 'Buffer Overflow vulnerability in Redis RedisGraph v.2.x through v.2.12.8 and fixed in v.2.12.9'.
The severity of CVE-2023-47004 is high with a CVSS score of 8.8.
Redis RedisGraph v.2.x through v.2.12.8 are affected by CVE-2023-47004.
An attacker who exploits CVE-2023-47004 can execute arbitrary code via the code logic after valid authentication.
CVE-2023-47004 is fixed in RedisGraph v.2.12.9, so updating to this version will fix the vulnerability.
You can find more information about CVE-2023-47004 in the advisory mentioned in the reference link: https://github.com/RedisGraph/RedisGraph/issues/3178.
CVE-2023-47004 belongs to CWE categories 119 and 787.