CVE-2023-47004

HIGH

RedisGraph 2.0.0-2.12.8 - Authenticated Buffer Overflow

Description

A buffer overflow vulnerability in Redis RedisGraph v2.x through v2.12.8, fixed in v2.12.9, allows an attacker to execute arbitrary code via the code logic after valid authentication.

References (1)

Core References
Exploit, Issue Tracking, Vendor Advisory
https://github.com/RedisGraph/RedisGraph/issues/3178

Scores

CVSS v3 8.8
EPSS 0.0104
EPSS Percentile 59.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-120 CWE-787
Status published
Products (1)
redislabs/redisgraph 2.0.0 - 2.12.9
Published Nov 06, 2023
Tracked Since Feb 18, 2026