CVE-2023-28856 - Vulnerability Details

Redis is an open source, in-memory database that persists on disk. Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised to upgrade. There are no known workarounds for this issue.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Debian	Debian Linux
Fedoraproject	Fedora
Redhat	Acm Enterprise Linux
Redis	Redis

Configuration 1 [-]

OR	cpe:2.3:a:redis:redis::::::::
	cpe:2.3:a:redis:redis::::::::
	cpe:2.3:a:redis:redis::::::::

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 3 [-]

OR	cpe:2.3:o:fedoraproject:fedora:36:::::::*
	cpe:2.3:o:fedoraproject:fedora:37:::::::*
	cpe:2.3:o:fedoraproject:fedora:38:::::::*

Package	CPE	Advisory	Released Date
Red Hat Advanced Cluster Management for Kubernetes 2
acm-governance-policy-addon-controller-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
acm-grafana-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
acm-must-gather-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
acm-operator-bundle-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
acm-prometheus-config-reloader-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
acm-prometheus-operator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
acm-volsync-addon-controller-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
cert-policy-controller-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
cluster-backup-operator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
config-policy-controller-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
console-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
endpoint-monitoring-operator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
governance-policy-propagator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
governance-policy-spec-sync-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
governance-policy-status-sync-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
governance-policy-template-sync-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
grafana-dashboard-loader-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
iam-policy-controller-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
insights-client-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
insights-metrics-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
klusterlet-addon-controller-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
kube-rbac-proxy-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
kube-state-metrics-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
management-ingress-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
memcached-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
memcached-exporter-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
metrics-collector-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
multicloud-integrations-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
multiclusterhub-operator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
multiclusterhub-repo-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
multicluster-observability-operator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
multicluster-operators-application-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
multicluster-operators-channel-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
multicluster-operators-subscription-operator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
node-exporter-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
observatorium-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
observatorium-operator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
prometheus-alertmanager-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
prometheus-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
rbac-query-proxy-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
redisgraph-tls-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
search-aggregator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
search-api-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
search-collector-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
search-operator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
submariner-addon-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
thanos-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
thanos-receive-controller-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2023:3326	2023-05-26T00:00:00Z
Red Hat Enterprise Linux 8
redis:6-8100020250113083959.489197e6	cpe:/a:redhat:enterprise_linux:8	RHSA-2025:0595	2025-01-22T00:00:00Z

References

Link	Providers
https://github.com/redis/redis/commit/bc7fe41e5857a0854d524e2a63a028e9394d2a5c
https://github.com/redis/redis/pull/11149
https://github.com/redis/redis/security/advisories/GHSA-hjv8-vjf6-wcr6
https://lists.debian.org/debian-lts-announce/2023/04/msg00023.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EQ4DJSO4DMR55AWK6OPVJH5UTEB35R2Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LPUTH7NBQTZDVJWFNUD24ZCS6NDUFYS6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQGKMKSQE67L32HE6W5EI2I2YKW5VWHI/
https://nvd.nist.gov/vuln/detail/CVE-2023-28856
https://security.netapp.com/advisory/ntap-20230601-0007/
https://www.cve.org/CVERecord?id=CVE-2023-28856

History

Thu, 13 Feb 2025 00:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat enterprise Linux
CPEs		cpe:/a:redhat:enterprise_linux:8
Vendors & Products		Redhat enterprise Linux

Wed, 05 Feb 2025 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Sun, 08 Sep 2024 19:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat acm
CPEs		cpe:/a:redhat:acm:2.6::el8
Vendors & Products		Redhat Redhat acm

Mon, 19 Aug 2024 22:30:00 +0000

Type	Values Removed	Values Added
CPEs	~~cpe:/a:redhat:acm:2.6::el8~~
Vendors & Products	Redhat Redhat acm

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-04-18T20:50:03.691Z

Updated: 2025-02-13T16:48:56.936Z

Reserved: 2023-03-24T16:25:34.468Z

Link: CVE-2023-28856

Vulnrichment

Updated: 2024-08-02T13:51:38.912Z

NVD

Status : Modified

Published: 2023-04-18T21:15:09.313

Modified: 2024-11-21T07:56:10.077

Link: CVE-2023-28856

Redhat

Severity : Moderate

Publid Date: 2023-04-17T00:00:00Z

Links: CVE-2023-28856 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-28856", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-03-24T16:25:34.468Z", "datePublished": "2023-04-18T20:50:03.691Z", "dateUpdated": "2025-02-13T16:48:56.936Z"}, "containers": {"cna": {"title": "`HINCRBYFLOAT` can be used to crash a redis-server process", "problemTypes": [{"descriptions": [{"cweId": "CWE-617", "lang": "en", "description": "CWE-617: Reachable Assertion", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-20", "lang": "en", "description": "CWE-20: Improper Input Validation", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/redis/redis/security/advisories/GHSA-hjv8-vjf6-wcr6", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/redis/redis/security/advisories/GHSA-hjv8-vjf6-wcr6"}, {"name": "https://github.com/redis/redis/pull/11149", "tags": ["x_refsource_MISC"], "url": "https://github.com/redis/redis/pull/11149"}, {"name": "https://github.com/redis/redis/commit/bc7fe41e5857a0854d524e2a63a028e9394d2a5c", "tags": ["x_refsource_MISC"], "url": "https://github.com/redis/redis/commit/bc7fe41e5857a0854d524e2a63a028e9394d2a5c"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00023.html"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQGKMKSQE67L32HE6W5EI2I2YKW5VWHI/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LPUTH7NBQTZDVJWFNUD24ZCS6NDUFYS6/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EQ4DJSO4DMR55AWK6OPVJH5UTEB35R2Z/"}, {"url": "https://security.netapp.com/advisory/ntap-20230601-0007/"}], "affected": [{"vendor": "redis", "product": "redis", "versions": [{"version": ">= 7.0.0, < 7.0.11", "status": "affected"}, {"version": ">= 6.2.0, < 6.2.12", "status": "affected"}, {"version": "< 6.0.19", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-06-01T13:06:14.414Z"}, "descriptions": [{"lang": "en", "value": "Redis is an open source, in-memory database that persists on disk. Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised to upgrade. There are no known workarounds for this issue."}], "source": {"advisory": "GHSA-hjv8-vjf6-wcr6", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T13:51:38.912Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/redis/redis/security/advisories/GHSA-hjv8-vjf6-wcr6", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/redis/redis/security/advisories/GHSA-hjv8-vjf6-wcr6"}, {"name": "https://github.com/redis/redis/pull/11149", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/redis/redis/pull/11149"}, {"name": "https://github.com/redis/redis/commit/bc7fe41e5857a0854d524e2a63a028e9394d2a5c", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/redis/redis/commit/bc7fe41e5857a0854d524e2a63a028e9394d2a5c"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00023.html", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQGKMKSQE67L32HE6W5EI2I2YKW5VWHI/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LPUTH7NBQTZDVJWFNUD24ZCS6NDUFYS6/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EQ4DJSO4DMR55AWK6OPVJH5UTEB35R2Z/", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20230601-0007/", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-05T21:01:14.265489Z", "id": "CVE-2023-28856", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-05T21:01:23.877Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/redis/redis/security/advisories/GHSA-hjv8-vjf6-wcr6", "name": "https://github.com/redis/redis/security/advisories/GHSA-hjv8-vjf6-wcr6", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/redis/redis/pull/11149", "name": "https://github.com/redis/redis/pull/11149", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/redis/redis/commit/bc7fe41e5857a0854d524e2a63a028e9394d2a5c", "name": "https://github.com/redis/redis/commit/bc7fe41e5857a0854d524e2a63a028e9394d2a5c", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00023.html", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQGKMKSQE67L32HE6W5EI2I2YKW5VWHI/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LPUTH7NBQTZDVJWFNUD24ZCS6NDUFYS6/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EQ4DJSO4DMR55AWK6OPVJH5UTEB35R2Z/", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20230601-0007/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T13:51:38.912Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-28856", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-05T21:01:14.265489Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-05T21:01:19.253Z"}}], "cna": {"title": "`HINCRBYFLOAT` can be used to crash a redis-server process", "source": {"advisory": "GHSA-hjv8-vjf6-wcr6", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "redis", "product": "redis", "versions": [{"status": "affected", "version": ">= 7.0.0, < 7.0.11"}, {"status": "affected", "version": ">= 6.2.0, < 6.2.12"}, {"status": "affected", "version": "< 6.0.19"}]}], "references": [{"url": "https://github.com/redis/redis/security/advisories/GHSA-hjv8-vjf6-wcr6", "name": "https://github.com/redis/redis/security/advisories/GHSA-hjv8-vjf6-wcr6", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/redis/redis/pull/11149", "name": "https://github.com/redis/redis/pull/11149", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/redis/redis/commit/bc7fe41e5857a0854d524e2a63a028e9394d2a5c", "name": "https://github.com/redis/redis/commit/bc7fe41e5857a0854d524e2a63a028e9394d2a5c", "tags": ["x_refsource_MISC"]}, {"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00023.html"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQGKMKSQE67L32HE6W5EI2I2YKW5VWHI/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LPUTH7NBQTZDVJWFNUD24ZCS6NDUFYS6/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EQ4DJSO4DMR55AWK6OPVJH5UTEB35R2Z/"}, {"url": "https://security.netapp.com/advisory/ntap-20230601-0007/"}], "descriptions": [{"lang": "en", "value": "Redis is an open source, in-memory database that persists on disk. Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised to upgrade. There are no known workarounds for this issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-617", "description": "CWE-617: Reachable Assertion"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-04-18T20:50:03.691Z"}}}, "cveMetadata": {"cveId": "CVE-2023-28856", "state": "PUBLISHED", "dateUpdated": "2025-02-05T21:01:23.877Z", "dateReserved": "2023-03-24T16:25:34.468Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2023-04-18T20:50:03.691Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2B03AA7-7246-4AEB-9C34-37E63E9D734C", "versionEndExcluding": "6.0.19", "vulnerable": true}, {"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", "matchCriteriaId": "34A547EB-9F9A-4554-97D5-0141CAE18222", "versionEndExcluding": "6.2.12", "versionStartIncluding": "6.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", "matchCriteriaId": "ADC8DBA4-6974-4E79-9218-286251C25982", "versionEndExcluding": "7.0.11", "versionStartIncluding": "7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Redis is an open source, in-memory database that persists on disk. Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised to upgrade. There are no known workarounds for this issue."}], "id": "CVE-2023-28856", "lastModified": "2024-11-21T07:56:10.077", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-04-18T21:15:09.313", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/redis/redis/commit/bc7fe41e5857a0854d524e2a63a028e9394d2a5c"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/redis/redis/pull/11149"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/redis/redis/security/advisories/GHSA-hjv8-vjf6-wcr6"}, {"source": "security-advisories@github.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00023.html"}, {"source": "security-advisories@github.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EQ4DJSO4DMR55AWK6OPVJH5UTEB35R2Z/"}, {"source": "security-advisories@github.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LPUTH7NBQTZDVJWFNUD24ZCS6NDUFYS6/"}, {"source": "security-advisories@github.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQGKMKSQE67L32HE6W5EI2I2YKW5VWHI/"}, {"source": "security-advisories@github.com", "url": "https://security.netapp.com/advisory/ntap-20230601-0007/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/redis/redis/commit/bc7fe41e5857a0854d524e2a63a028e9394d2a5c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/redis/redis/pull/11149"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://github.com/redis/redis/security/advisories/GHSA-hjv8-vjf6-wcr6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00023.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EQ4DJSO4DMR55AWK6OPVJH5UTEB35R2Z/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LPUTH7NBQTZDVJWFNUD24ZCS6NDUFYS6/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQGKMKSQE67L32HE6W5EI2I2YKW5VWHI/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.netapp.com/advisory/ntap-20230601-0007/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-617"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-617"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "acm-governance-policy-addon-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "acm-grafana-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "acm-must-gather-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "acm-operator-bundle-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "acm-prometheus-config-reloader-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "acm-prometheus-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "acm-volsync-addon-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "cert-policy-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "cluster-backup-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "config-policy-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "console-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "endpoint-monitoring-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "governance-policy-propagator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "governance-policy-spec-sync-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "governance-policy-status-sync-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "governance-policy-template-sync-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "grafana-dashboard-loader-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "iam-policy-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "insights-client-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "insights-metrics-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "klusterlet-addon-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "kube-rbac-proxy-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "kube-state-metrics-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "management-ingress-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "memcached-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "memcached-exporter-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "metrics-collector-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "multicloud-integrations-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "multiclusterhub-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "multiclusterhub-repo-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "multicluster-observability-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "multicluster-operators-application-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "multicluster-operators-channel-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "multicluster-operators-subscription-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "node-exporter-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "observatorium-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "observatorium-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "prometheus-alertmanager-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "prometheus-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "rbac-query-proxy-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "redisgraph-tls-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "search-aggregator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "search-api-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "search-collector-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "search-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "submariner-addon-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "thanos-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2023:3326", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "thanos-receive-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2023-05-26T00:00:00Z"}, {"advisory": "RHSA-2025:0595", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "redis:6-8100020250113083959.489197e6", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-01-22T00:00:00Z"}], "bugzilla": {"description": "redis: Insufficient validation of HINCRBYFLOAT command", "id": "2187525", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187525"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-20", "details": ["Redis is an open source, in-memory database that persists on disk. Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised to upgrade. There are no known workarounds for this issue.", "A vulnerability was found in Redis. This flaw allows authenticated users to use the HINCRBYFLOAT command to create an invalid hash field that may crash Redis on access."], "name": "CVE-2023-28856", "package_state": [{"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Not affected", "package_name": "3scale-amp-backend-container", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/search-api-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform", "fix_state": "Not affected", "package_name": "ansible-tower", "product_name": "Red Hat Ansible Automation Platform 1.2"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "redis", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "redis", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Out of support scope", "package_name": "redis", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Affected", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "satellite:el8/rubygem-gitlab-sidekiq-fetcher", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Will not fix", "package_name": "rh-redis6-redis", "product_name": "Red Hat Software Collections"}], "public_date": "2023-04-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-28856\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-28856\nhttps://github.com/redis/redis/security/advisories/GHSA-hjv8-vjf6-wcr6"], "threat_severity": "Moderate"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object