CVE-2022-36021
Published 2023-03-01
Priority: P3 42 · medium
CVSS 3.1: 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
EPSS: 59.71% (99.0th percentile)
Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9.
Affected (17 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | redis | < redis 5:7.0.9-1 (bookworm) | redis 5:7.0.9-1 (bookworm) |
| msrc | cbl2_redis_6.2.11-1_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_redis_6.2.11-1_on_cbl_mariner_1.0 | — | — |
| redis | redis | < 6.0.18 | 6.0.18 |
| redis | redis | — | — |
| redis | redis | — | — |
| redis | redis | >= 0 < 5:6.0.16-1+deb11u3 | 5:6.0.16-1+deb11u3 |
| redis | redis | >= 0 < 5:7.0.9-1 | 5:7.0.9-1 |
| redis | redis | >= 0 < 5:7.0.9-1 | 5:7.0.9-1 |
| redis | redis | >= 0 < 5:7.0.9-1 | 5:7.0.9-1 |
| redis | redis | >= 0 < 2:2.8.4-2ubuntu0.2+esm3 | 2:2.8.4-2ubuntu0.2+esm3 |
| redis | redis | >= 0 < 2:3.0.6-1ubuntu0.4+esm2 | 2:3.0.6-1ubuntu0.4+esm2 |
| redis | redis | >= 0 < 5:4.0.9-1ubuntu0.2+esm4 | 5:4.0.9-1ubuntu0.2+esm4 |
| redis | redis | >= 0 < 5:5.0.7-2ubuntu0.1+esm2 | 5:5.0.7-2ubuntu0.1+esm2 |
| redis | redis | >= 0 < 5:6.0.16-1ubuntu1+esm1 | 5:6.0.16-1ubuntu1+esm1 |
| redis | redis | >= 6.2.0 < 6.2.11 | 6.2.11 |
| redis | redis | >= 7.0.0 < 7.0.9 | 7.0.9 |
Detection & IOCs (extracted from sources)
- Detect use of string matching commands (SCAN or KEYS) with a specially crafted pattern that causes Redis to hang and consume 100% CPU time, indicative of CVE-2022-36021 exploitation.
- Monitor Redis CPU utilization for sustained 100% usage, which may indicate active exploitation of this DoS vulnerability via crafted pattern matching commands.
- Only authenticated users can trigger this vulnerability; unauthenticated access to Redis should be blocked as a baseline. The vulnerability affects Redis versions prior to 6.0.18, 6.2.11, and 7.0.9.
- Red Hat Enterprise Linux 9 ships a Redis package assessed as Not Affected. Red Hat OpenStack Platform 13 (Queens) is out of support scope. rh-redis6-redis (Red Hat Software Collections) will not be fixed.
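The two detection bullets above describe symptoms of exploitation; the cheapest preventive check is whether a server's version is below the fixed releases the advisory names (6.0.18, 6.2.11, 7.0.9). The following Python helper is an added example written for this page, not tooling from the Redis project or any of the listed vendors. It reads the `redis_version` line from a constructed `INFO server` sample (the real command's output uses the same `key:value` lines) and classifies the version against the fixed releases. The `FIXED_BY_BRANCH` table is built from the advisory text; the conservative rule that any unlisted branch below the newest fixed release counts as affected is an assumption of this example.

```python
"""Version triage for CVE-2022-36021: is this Redis build below the fixed release for its branch?"""
import re

# Fixed releases stated in the advisory, keyed by (major, minor) branch.
FIXED_BY_BRANCH = {
    (6, 0): (6, 0, 18),
    (6, 2): (6, 2, 11),
    (7, 0): (7, 0, 9),
}

# Constructed sample of `INFO server` output (not captured from a real host).
SAMPLE_INFO = (
    "# Server\r\n"
    "redis_version:6.2.7\r\n"
    "redis_mode:standalone\r\n"
    "os:Linux 5.15.0 x86_64\r\n"
)


def parse_version(text):
    """Turn '6.2.7' (optionally followed by build suffixes) into a comparable tuple."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised Redis version: {text!r}")
    return tuple(int(x) for x in m.groups())


def fixed_version_for(version):
    """Fixed release string for the version's branch, or None if no fix is listed."""
    fixed = FIXED_BY_BRANCH.get(parse_version(version)[:2])
    return ".".join(map(str, fixed)) if fixed else None


def is_affected(version):
    """True when the version is below its branch's fix.

    Branches without a listed fix (anything before 6.0, or an unlisted branch such
    as a pre-release line) are treated as affected if they are below the newest
    fixed release; branches released after 7.0.9 are treated as not affected.
    This conservative rule is an assumption of the example, not advisory text.
    """
    v = parse_version(version)
    fixed = FIXED_BY_BRANCH.get(v[:2])
    if fixed is not None:
        return v < fixed
    return v < max(FIXED_BY_BRANCH.values())


def version_from_info(info_text):
    """Extract the redis_version value from `INFO server` style output."""
    for line in info_text.splitlines():
        if line.startswith("redis_version:"):
            return line.split(":", 1)[1].strip()
    raise ValueError("redis_version not found in INFO output")


def triage(info_text):
    """Summarise exposure for one server's INFO output."""
    ver = version_from_info(info_text)
    return {"version": ver, "affected": is_affected(ver), "fixed_in": fixed_version_for(ver)}


if __name__ == "__main__":
    print(triage(SAMPLE_INFO))
```

In practice the `INFO server` text would come from `redis-cli INFO server` run against each instance; a result with `"affected": True` is the cue to schedule the upgrade to the listed fixed release, and in the meantime to confirm that unauthenticated access is blocked, since only authenticated clients can trigger the hang.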
CVSS provenance

| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.1) | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| osv | 8.8 | HIGH | |
| vendor_ubuntu | 7.0 | HIGH | |
| vendor_debian | 5.5 | MEDIUM | |
| vendor_msrc | 5.5 | MEDIUM | |
| vendor_redhat | 5.5 | MEDIUM | |
CISA ICS: Siemens SCALANCE XCM-/XRM-300
cisa_ics · 2024-02-15 · ICS Advisory
Release Date: February 15, 2024
Alert Code: ICSA-24-046-11
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SCALANCE XCM-/XRM-300
- Vulnerabilities: Out-of-bounds Write, Incorrect Type Conversion or Cast, Improper Verification of Cryptographic Signature, Improper Access Control, Improper Authentication, Missing Encryption
Ubuntu: Redis vulnerabilities
vendor_ubuntu · 2023-12-05 · CVSS 7.0 · CVE-2023-25155 [HIGH]
Summary: Several security issues were fixed in Redis.
Seiya Nakata and Yudai Fujiwara discovered that Redis incorrectly handled
certain specially crafted Lua scripts. An attacker could possibly use this
issue to cause heap corruption and execute arbitrary code.
(CVE-2022-24834)
SeungHyun Lee discovered that Redis incorrectly handled specially crafted
commands. An attacker could possibly use this issue to trigger an integer
overflow, which might cause Redis to allocate impossible amounts of memory,
resulting in a denial of service via an application crash. (CVE-2022-35977)
Tom Levy discovered that Redis incorrectly handled crafted string matching
patterns. An attacker could possibly use this issue to cause Redis to hang,
resulting in a denial of service. (CV
Microsoft: Redis string pattern matching can be abused to achieve Denial of Service
vendor_msrc · 2023-03-14 · CVSS 5.5 · CVE-2022-36021 [MEDIUM] · CWE-407
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
GitHub_M: GitHub_M
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
R
Red Hat: redis: Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow
vendor_redhat · 2023-02-28 · CVSS 5.5 · CVE-2022-36021 [MEDIUM] · CWE-190
Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9.
A vulnerability was found in Redis. This flaw allows an authenticated user to use string matching commands (like SCAN or KEYS) with a specially crafted pattern to trigger a denial of service attack on Redis, causing it to hang and consume 100% of CPU time.
Package: redis (Red Hat Enterprise Linux 9) - Not affected
Package: redis (Red Hat OpenStack Platform 13 (Queens)) -
Debian: CVE-2022-36021: redis
vendor_debian · 2022 · CVSS 5.5 · CVE-2022-36021 [MEDIUM]
Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9.
Scope: local
bookworm: resolved (fixed in 5:7.0.9-1)
bullseye: resolved (fixed in 5:6.0.16-1+deb11u3)
forky: resolved (fixed in 5:7.0.9-1)
sid: resolved (fixed in 5:7.0.9-1)
trixie: resolved (fixed in 5:7.0.9-1)
OSV: redis vulnerabilities
osv · 2023-12-05 · CVSS 8.8 · CVE-2022-24834 [HIGH]
Seiya Nakata and Yudai Fujiwara discovered that Redis incorrectly handled
certain specially crafted Lua scripts. An attacker could possibly use this
issue to cause heap corruption and execute arbitrary code.
(CVE-2022-24834)
SeungHyun Lee discovered that Redis incorrectly handled specially crafted
commands. An attacker could possibly use this issue to trigger an integer
overflow, which might cause Redis to allocate impossible amounts of memory,
resulting in a denial of service via an application crash. (CVE-2022-35977)
Tom Levy discovered that Redis incorrectly handled crafted string matching
patterns. An attacker could possibly use this issue to cause Redis to hang,
resulting in a denial of service. (CVE-2022-36021)
Yupeng Yang discovered that Redis incorrectly h
OSV: CVE-2022-36021: Redis is an in-memory database that persists on disk
osv · 2023-03-01 · CVSS 5.5 · CVE-2022-36021 [MEDIUM]
Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2023-03-01