Cyber Resilience

CVE-2023-25155

Severity: Medium

Published: 02 March 2023
Modified: 21 November 2024
KEV Added: not listed
Patch: available (6.0.18, 6.2.11, 7.0.9)
CVSS Score v3.1: 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0504 (90.0th percentile)
Risk Priority: 14 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2023-25155 is a medium-severity Integer Overflow or Wraparound (CWE-190) vulnerability in Redis (vendor: Redis). Its CVSS base score is 5.5 (Medium).

Operationally, it ranks in the top 10.0% of CVEs by exploit likelihood (EPSS), and it is not currently listed in the CISA KEV catalog.

Deeper analysis

Redis is an in-memory database that persists on disk. It is affected by CVE-2023-25155, an integer overflow vulnerability (CWE-190) present in all versions. The issue manifests when authenticated users issue specially crafted SRANDMEMBER, ZRANDMEMBER, or HRANDFIELD commands, triggering a runtime assertion that terminates the Redis server process. The vulnerability carries a CVSS score of 5.5, reflecting a local attack vector, low attack complexity, low privileges required, and a high impact on availability (with no impact on confidentiality or integrity).

Authenticated users with the ability to execute the affected commands can exploit this flaw to cause a denial of service by crashing the Redis instance. Because the CVSS metrics record a local attack vector and require authentication, exposure is typically limited to insiders or compromised accounts rather than remote unauthenticated attackers.

Advisories and patches released by the Redis project recommend upgrading to versions 6.0.18, 6.2.11, or 7.0.9, which contain fixes for the integer overflow. The corresponding commits and release notes are available in the project's GitHub repository, along with a detailed security advisory.

The exploitation probability remains low, with an EPSS score peaking at approximately 0.06, indicating limited observed interest in active exploitation following disclosure.
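A defender's inventory check for the fix releases named above, written as an added example (not part of this advisory or of the Redis project): it reads the `redis_version` field from a captured `INFO server` reply and compares it with the fixed release of its branch. The sample reply is constructed, and the treatment of branches outside 6.0/6.2/7.0 (newer branches assumed fixed, older ones assumed affected) is an assumption, not something this page states.

```python
"""Check a Redis server's reported version against the CVE-2023-25155 fixes."""
import re

# Fix releases named in the advisory, keyed by (major, minor) branch.
FIXED_BY_BRANCH = {(6, 0): (6, 0, 18), (6, 2): (6, 2, 11), (7, 0): (7, 0, 9)}
NEWEST_FIXED_BRANCH = (7, 0)

# Constructed sample of an `INFO server` reply; only redis_version is used.
SAMPLE_INFO = (
    "# Server\r\n"
    "redis_version:7.0.8\r\n"
    "redis_mode:standalone\r\n"
    "os:Linux 5.15.0 x86_64\r\n"
)


def parse_version(text):
    """Return (major, minor, patch) from a version string such as '6.2.11'."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised Redis version: {text!r}")
    return tuple(int(p) for p in m.groups())


def version_from_info(info):
    """Extract and parse the redis_version line of an `INFO server` reply."""
    for line in info.splitlines():
        if line.startswith("redis_version:"):
            return parse_version(line.split(":", 1)[1])
    raise ValueError("redis_version not found in INFO output")


def is_fixed(version):
    """True if the version carries the CVE-2023-25155 fix.

    Assumption: branches newer than 7.0 shipped after the fix and include it;
    branches older than 6.0 received no fix release and count as affected.
    """
    branch = version[:2]
    if branch in FIXED_BY_BRANCH:
        return version >= FIXED_BY_BRANCH[branch]
    return branch > NEWEST_FIXED_BRANCH


def assess(info):
    """Return (version string, status) for a captured INFO reply."""
    v = version_from_info(info)
    text = ".".join(map(str, v))
    if is_fixed(v):
        return text, "fixed"
    target = FIXED_BY_BRANCH.get(v[:2])
    hint = ".".join(map(str, target)) if target else "6.0.18, 6.2.11 or 7.0.9"
    return text, f"affected; upgrade to {hint}"
```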

Vulnerability details

Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9.

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor / product: redis / redis
Affected versions: ≤ 6.0.18 · 6.2.0 — 6.2.11 · 7.0.0 — 7.0.9

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
