DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Metrics
Affected Vendors & Products
No data.
No data.
No data.
No data.
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
No reference.
History
Mon, 04 Nov 2024 07:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Redis 2.60 through 7.41 allows a denial of service (memory consumption) when authentication is enabled because "client-output-buffer-limit normal" has no limit, and an attacker can send requests without a password (which results in a "NOAUTH Authentication required" response). NOTE: this is disputed by third parties because Redis is not intended for use with untrusted clients. | DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. |
| References |
|
Mon, 04 Nov 2024 06:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Redis 2.60 through 7.41 allows a denial of service (memory consumption) when authentication is enabled because "client-output-buffer-limit normal" has no limit, and an attacker can send requests without a password (which results in a "NOAUTH Authentication required" response). NOTE: this is disputed by third parties because Redis is not intended for use with untrusted clients. | |
| References |
|
Projects
Sign in to view the affected projects.
MITRE
Status: REJECTED
Assigner: mitre
Published:
Updated: 2024-11-04T06:48:44.428879
Reserved: 2024-10-08T00:00:00
Link: CVE-2024-48342
Vulnrichment
No data.
NVD
Status : Rejected
Published: 2024-11-04T07:15:11.437
Modified: 2024-11-04T07:15:11.437
Link: CVE-2024-48342
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses
No weakness.