CVE-2016-10517
Published 2017-10-24
Priority: P338 | Severity: high | CVSS 3.0 base score: 7.4
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
EPSS: 2.15% (79.8th percentile)
networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" because it lacks a check for POST and Host: strings, which are not valid in the Redis protocol (but commonly occur when an attack triggers an HTTP request to the Redis TCP port).
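As an added example (not Redis's own code and not part of this advisory record), the C below reproduces the defensive rule the description refers to: an inline command whose first argument is `POST` or `Host:` cannot be a valid Redis command, so the server treats the connection as cross-protocol traffic and refuses it. The `first_token` helper and the sample lines are constructed for this example.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>   /* strcasecmp */

/* Hypothetical helper for this example: copy the first whitespace-delimited
 * token of an inline RESP command (the form an HTTP request line takes when it
 * lands on the Redis port) into out, NUL-terminated. Returns the token length. */
static size_t first_token(const char *line, char *out, size_t outsz) {
    size_t n = 0;
    while (*line == ' ' || *line == '\t') line++;
    while (*line && *line != ' ' && *line != '\t' &&
           *line != '\r' && *line != '\n' && n + 1 < outsz)
        out[n++] = *line++;
    out[n] = '\0';
    return n;
}

/* Mirror of the 3.2.7 rule described on this page: a first argument of
 * "POST" or "Host:" never occurs in real RESP, so the client is rejected.
 * Returns 1 when the line should be refused as cross-protocol traffic. */
int is_cross_protocol_command(const char *inline_cmd) {
    char argv0[64];
    if (first_token(inline_cmd, argv0, sizeof argv0) == 0) return 0;
    return strcasecmp(argv0, "post") == 0 || strcasecmp(argv0, "host:") == 0;
}

/* Constructed sample traffic: the first lines a browser-originated HTTP
 * request would present to a Redis listener, plus two legitimate commands. */
static const char *const SAMPLE_LINES[] = {
    "POST / HTTP/1.1",
    "Host: redis.internal.example:6379",
    "PING",
    "SET greeting hello",
};
#define SAMPLE_COUNT (sizeof SAMPLE_LINES / sizeof SAMPLE_LINES[0])

/* Runs the check over the sample lines; returns how many were refused. */
int count_rejected(void) {
    int rejected = 0;
    for (size_t i = 0; i < SAMPLE_COUNT; i++) {
        if (is_cross_protocol_command(SAMPLE_LINES[i])) {
            /* A server would log a warning and close the client here. */
            printf("reject: %s\n", SAMPLE_LINES[i]);
            rejected++;
        } else {
            printf("accept: %s\n", SAMPLE_LINES[i]);
        }
    }
    return rejected;
}

int main(void) {
    printf("%d of %zu lines rejected\n", count_rejected(), SAMPLE_COUNT);
    return 0;
}
```

The comparison is case-insensitive because the HTTP method and header name may arrive in any casing; note that the rule only fires on the exact tokens the advisory names, so it is a targeted hardening and not a substitute for the `requirepass` mitigation the vendor entries below recommend.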
Affected (8 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | kvrocks | < 2.11.1 | 2.11.1 |
| apache_software_foundation | apache_kvrocks | <= 2.11.0 | — |
| debian | redis | < redis 3:3.2.7-1 (bookworm) | redis 3:3.2.7-1 (bookworm) |
| redis | redis | >= 0 < 3:3.2.7-1 | 3:3.2.7-1 |
| redis | redis | >= 0 < 3:3.2.7-1 | 3:3.2.7-1 |
| redis | redis | >= 0 < 3:3.2.7-1 | 3:3.2.7-1 |
| redis | redis | >= 0 < 3:3.2.7-1 | 3:3.2.7-1 |
| redislabs | redis | < 3.2.7 | 3.2.7 |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.0 | 7.4 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N |
| nvd | 2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N |
| osv | — | 7.4 | HIGH | — |
| vendor_debian | — | 7.4 | HIGH | — |
| vendor_redhat | — | 7.4 | HIGH | — |
Red Hat
redis: cross-protocol attack using malicious HTTP request
vendor_redhat · 2016-08-03 · CVSS 7.4 · HIGH · CWE-88
networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" because it lacks a check for POST and Host: strings, which are not valid in the Redis protocol (but commonly occur when an attack triggers an HTTP request to the Redis TCP port).
Mitigation: This issue can be mitigated by configuring Redis to require clients to authenticate with a password. Password authentication can be enabled using the 'requirepass' directive in the redis.conf configuration file.
Package: redis (Red Hat Enterprise Linux OpenStack Platform 6 (Juno)) - Will not fix
Package: redis (Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)) - Will not fix
Package: redis (Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) Operational Tools) - Will no
Debian
CVE-2016-10517: redis - networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" because it ...
vendor_debian · 2016 · CVSS 7.4 · HIGH
networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" because it lacks a check for POST and Host: strings, which are not valid in the Redis protocol (but commonly occur when an attack triggers an HTTP request to the Redis TCP port).
Scope: local
bookworm: resolved (fixed in 3:3.2.7-1)
bullseye: resolved (fixed in 3:3.2.7-1)
forky: resolved (fixed in 3:3.2.7-1)
sid: resolved (fixed in 3:3.2.7-1)
trixie: resolved (fixed in 3:3.2.7-1)
GHSA
GHSA-fp9p-7hx8-xfp3: A Cross-Protocol Scripting vulnerability is found in Apache Kvrocks
ghsa_unreviewed · 2025-02-07 · CVSS 7.4 · HIGH · CVE-2025-25069 · CWE-115
A Cross-Protocol Scripting vulnerability is found in Apache Kvrocks. Since Kvrocks didn't detect if "Host:" or "POST" appears in RESP requests, a valid HTTP request can also be sent to Kvrocks as a valid RESP request and trigger some database operations, which can be dangerous when it is chained with SSRF. It is similar to CVE-2016-10517 in Redis.
This issue affects Apache Kvrocks: from the initial version to the latest version 2.11.0.
Users are recommended to upgrade to version 2.11.1, which fixes the issue.
GHSA
GHSA-r965-fhrj-6v64: networking
ghsa_unreviewed · 2022-05-14 · HIGH
networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" because it lacks a check for POST and Host: strings, which are not valid in the Redis protocol (but commonly occur when an attack triggers an HTTP request to the Redis TCP port).
OSV
CVE-2016-10517: networking
osv · 2017-10-24 · CVSS 7.4 · HIGH
networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" because it lacks a check for POST and Host: strings, which are not valid in the Redis protocol (but commonly occur when an attack triggers an HTTP request to the Redis TCP port).
No detection rules found.
No public exploits indexed.
References
http://www.securityfocus.com/bid/101572
https://github.com/antirez/redis/commit/874804da0c014a7d704b3d285aa500098a931f50
https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES
https://www.reddit.com/r/redis/comments/5r8wxn/redis_327_is_out_important_security_fixes_inside/