Redis.XAUTOCLAIM.command.COUNT.Integer.Overflow
Description
This indicates an attempt to exploit an integer overflow vulnerability in Redis Labs Redis.
The vulnerability is due to improper handling of the COUNT argument in the XAUTOCLAIM command. A remote attacker can exploit this vulnerability by sending crafted messages to the affected server. Successful exploitation could result in a denial-of-service condition or, in the worst case, execution of arbitrary code under the security context of the server process.
Affected Products
Redis Labs Redis 7.0.0 and above, prior to 7.0.5
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://github.com/redis/redis/security/advisories/GHSA-5gc4-76rx-22c9
Coverage
IPS (Regular DB)
IPS (Extended DB)