CVE-2023-28856 in Communications Operations Monitorinfo

Summary

Redis is an open source, in-memory database that persists on disk. Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised to upgrade. There are no known workarounds for this issue.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Responsible

GitHub, Inc.

Reservation

03/24/2023

Disclosure

04/19/2023

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
234603	Oracle Communications Operations Monitor Fraud Detection Monitor denial of service	404	Not defined	Official fix	CVE-2023-28856
234595	Oracle Communications Cloud Native Core Network Repository Function Fraud Detection Monitor denial of service	404	Not defined	Official fix	CVE-2023-28856
226785	Redis HINCRBYFLOAT denial of service	404	Not defined	Official fix	CVE-2023-28856

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

◂ PreviousOverviewNext ▸

Do you need the next level of professionalism?

Upgrade your account now!