RedisTimeSeries Integer Overflow Remote Code Execution Vulnerability
RedisTimeSeries is a time-series database (TSDB) module for Redis, by Redis. An authenticated user who executes one of the commands TS.QUERYINDEX, TS.MGET, TS.MRANGE or TS.MREVRANGE with specially crafted command arguments may cause an integer overflow, a subsequent heap overflow, and potentially remote code execution. This vulnerability is fixed in 1.6.20, 1.8.15, 1.10.15, and 1.12.3.
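The advisory classifies the bug as an integer overflow (CWE-190) that leads to a heap-based buffer overflow (CWE-122). The C below is an added illustration of that general defect pattern and the check that prevents it; it is not RedisTimeSeries code and says nothing about where the real bug lives. A buffer size computed as count * sizeof(element) wraps when count is large, so a small buffer is allocated and later writes run past it; the hardened version uses a checked multiply (GCC/Clang `__builtin_mul_overflow`) plus an explicit upper bound. The record type, the bound, and all function names are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed illustration of CWE-190 leading to CWE-122.
 * Not RedisTimeSeries code: the record type and function names are
 * assumptions for this example only. */

typedef struct {
    int64_t timestamp;
    double value;
} sample_t;   /* hypothetical 16-byte time-series record */

/* Unsafe: count * sizeof(sample_t) silently wraps for a large count,
 * so the caller allocates a tiny buffer and later overflows it. */
size_t unsafe_alloc_size(size_t count) {
    return count * sizeof(sample_t);
}

/* Safe: detect the wrap instead of computing a wrong size.
 * Returns 1 and stores the byte count on success; returns 0 and stores 0
 * when the multiplication would overflow size_t. */
int checked_alloc_size(size_t count, size_t *out) {
    size_t bytes;
    if (__builtin_mul_overflow(count, sizeof(sample_t), &bytes)) {
        *out = 0;
        return 0;
    }
    *out = bytes;
    return 1;
}

/* Convenience wrapper: the checked byte count, or 0 on overflow. */
size_t checked_or_zero(size_t count) {
    size_t bytes;
    return checked_alloc_size(count, &bytes) ? bytes : 0;
}

/* Allocate a sample buffer only when the size is sound and within an
 * explicit policy limit; NULL otherwise. Both checks matter: the bound
 * rejects absurd requests, the checked multiply rejects the wrap. */
sample_t *alloc_samples(size_t count, size_t max_count) {
    size_t bytes;
    if (count > max_count || !checked_alloc_size(count, &bytes)) {
        return NULL;
    }
    return (sample_t *)calloc(1, bytes);
}

int main(void) {
    /* Constructed input: the smallest count whose size computation wraps. */
    size_t wrap_count = SIZE_MAX / sizeof(sample_t) + 1;

    printf("unsafe size for wrap_count: %zu bytes\n", unsafe_alloc_size(wrap_count));
    printf("checked size for wrap_count: %zu bytes (0 = rejected)\n",
           checked_or_zero(wrap_count));

    sample_t *buf = alloc_samples(4, 1024);
    printf("alloc_samples(4): %s\n", buf ? "ok" : "rejected");
    free(buf);

    printf("alloc_samples(wrap_count): %s\n",
           alloc_samples(wrap_count, SIZE_MAX) ? "ok" : "rejected");
    return 0;
}
```

The unsafe path returns 0 bytes for the wrapping count, which is exactly the condition under which a subsequent write of `count` records becomes a heap overflow; the checked path refuses the request before any allocation happens.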
Problem Types
| Type | CWE ID | Description |
|---|---|---|
| CWE | CWE-122 | CWE-122: Heap-based Buffer Overflow |
| CWE | CWE-190 | CWE-190: Integer Overflow or Wraparound |
Metrics
| Version | Base score | Base severity | Vector |
|---|---|---|---|
| 3.1 | 7.0 | HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |