Advisory on Redis Vulnerabilities

On October 04, 2024, Redis disclosed multiple vulnerabilities regarding the Redis In-Memory Database. As per the available information, the following are the vulnerability details:

CVE ID

Vulnerability

CVE-2024-31449

Allows an authenticated remote user to execute an arbitrary remote code.

CVE-2024-31227 CVE-2024-31228

The vulnerabilities allow a remote user to perform Denial of Service (DoS) attack.

The most severe of these vulnerabilities is CVE-2024-31449, which is classified as a High severity and has a CVSS score of 8.8. It could allow remote attackers to execute arbitrary code on affected systems.

Impacted IONOS Cloud Products

Product Ranges

Product

Impacted

Mitigated

Patch Status

Databases

In-Memory DB

Yes

Done

Risk on IONOS Cloud user environment

Although the design of our database product did not allow the remote users to exploit the vulnerability, IONOS has rolled out the patched versions. As of now, there is no known exploit for these reported vulnerabilities.

What action has IONOS Cloud taken to mitigate the severity?

IONOS Cloud has already rolled out the patched versions for the reported vulnerabilities.

How can I get help?

If you have further questions or concerns about this vulnerability, contact IONOS Cloud Support.

PreviousAdvisory on Linux CUPS Vulnerabilities NextAdvisory on CVE-2024-6387

Last updated 5 months ago

Was this helpful?

Good afternoon

hashtagImpacted IONOS Cloud Products

hashtagRisk on IONOS Cloud user environment

hashtagWhat action has IONOS Cloud taken to mitigate the severity?

hashtagHow can I get help?

Impacted IONOS Cloud Products

Risk on IONOS Cloud user environment

What action has IONOS Cloud taken to mitigate the severity?

How can I get help?