CVE-2016-2121 MEDIUM

CVE-2016-2121

Vendor [Unknown]
Product redis
Weakness CWE-732
Published October 31, 2018
Last update August 5, 2024

CVSS base score

4.0/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

A permissions flaw was found in redis, which sets weak permissions on certain files and directories that could potentially contain sensitive information. A local, unprivileged user could possibly use this flaw to access unauthorized system information.

Key dates

02Disclosure timeline

October 31, 2018 CVE published
August 5, 2024 Record updated