FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

redis -- Possible bypassing ACL configuration

Affected packages
7.0.0 <= redis < 7.0.13
7.2.0 <= redis < 7.2.1
redis-devel <
7.0.0 <= redis70 < 7.0.13


VuXML ID 6c72b13f-4d1d-11ee-a7f1-080027f5fec9
Discovery 2023-09-06
Entry 2023-09-07

yangbodong22011 reports:

Redis does not correctly identify keys accessed by SORT_RO and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration.


CVE Name CVE-2023-41053