On October 04, 2024, Redis disclosed multiple vulnerabilities regarding the Redis In-Memory Database. As per the available information, the following are the vulnerability details:
| CVE ID | Vulnerability |
|---|---|
The most severe of these vulnerabilities is CVE-2024-31449, which is classified as a High severity and has a CVSS score of 8.8. It could allow remote attackers to execute arbitrary code on affected systems.
| Product Ranges | Product | Impacted | Mitigated | Patch Status |
|---|---|---|---|---|
Although the design of our database product did not allow the remote users to exploit the vulnerability, IONOS has rolled out the patched versions. As of now, there is no known exploit for these reported vulnerabilities.
IONOS Cloud has already rolled out the patched versions for the reported vulnerabilities.
If you have further questions or concerns about this vulnerability, contact IONOS Cloud Support.
Allows an authenticated remote user to execute an arbitrary remote code.
The vulnerabilities allow a remote user to perform Denial of Service (DoS) attack.
Databases
Yes
Yes
Done