CVE-2021-31294

Published: Jul 15, 2023

Modified: Oct 30, 2024

PUBLISHED

Description

Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server by sending a non-administrative command (specifically, a SET command). NOTE: this was fixed for Redis 6.2.x and 7.x in 2021. Versions before 6.2 were not intended to have safety guarantees related to this.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/redis/redis/issues/8712

https://github.com/redis/redis/commit/6cbea7d29b5285692843bc1c351abba1a7ef326f

https://github.com/redis/redis/commit/46f4ebbe842620f0976a36741a72482620aa4b48

https://security.netapp.com/advisory/ntap-20230814-0007/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-31294

Description

Affected Products

References