CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
Confidence
High
software: redis 7.0.14
OS: ROSA-CHROME
package_evr_string: redis-7.0.14-1
CVE-ID: CVE-2023-41053
BDU-ID: 2023-05475
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the Redis database management system is related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to keys that are not explicitly authorized by ACL configuration
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update redis