Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A permissions flaw was found in redis, which sets weak permissions on certain files and directories that could potentially contain sensitive information. A local, unprivileged user could possibly use this flaw to access unauthorized system information.
CVSS Information
N/A
Vulnerability Type
关键资源的不正确权限授予
Vulnerability Title
Redis Labs Redis 权限许可和访问控制问题漏洞
Vulnerability Description
Redis Labs Redis是美国Redis Labs公司的一套开源的使用ANSI C编写、支持网络、可基于内存亦可持久化的日志型、键值(Key-Value)存储数据库,并提供多种语言的API。 Redis Labs Redis中存在权限许可和访问控制问题漏洞,该漏洞源于程序为带有敏感信息的文件或目录设置了较弱的权限。本地攻击者可利用该漏洞访问未授权的系统信息。
CVSS Information
N/A
Vulnerability Type
N/A