CVE-2022-0543 - Vulnerability Details - OpenCVE

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is in the KEV database since March 28, 2022.

Exploitation active

Automatable yes

Technical Impact total

Vendors	Products
Canonical	Ubuntu Linux
Debian	Debian Linux
Redis	Redis

Configuration 1 [-]

AND

cpe:2.3:a:redis:redis:-:*:*:*:*:*:*:*

OR	cpe:2.3:o:canonical:ubuntu_linux:20.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:21.10::::-:::
	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*
	cpe:2.3:o:debian:debian_linux:11.0:::::::*

No data.

References

Link	Providers
http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html
https://bugs.debian.org/1005787
https://lists.debian.org/debian-security-announce/2022/msg00048.html
https://security.netapp.com/advisory/ntap-20220331-0004/
https://www.debian.org/security/2022/dsa-5081
https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce

History

Wed, 29 Jan 2025 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		kev `{'dateAdded': '2022-03-28'}` ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: debian

Published: 2022-02-18T19:25:16.932Z

Updated: 2025-01-29T20:49:19.800Z

Reserved: 2022-02-08T00:00:00.000Z

Link: CVE-2022-0543

Vulnrichment

Updated: 2024-08-02T23:32:46.290Z

NVD

Status : Modified

Published: 2022-02-18T20:15:17.583

Modified: 2025-01-29T21:15:11.987

Link: CVE-2022-0543

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "redis", "vendor": "Debian", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2022-02-18T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution."}], "problemTypes": [{"descriptions": [{"description": "Lua sandbox escape", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-04-27T20:06:10.000Z", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugs.debian.org/1005787"}, {"tags": ["x_refsource_MISC"], "url": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce"}, {"name": "[debian-security-announce] 20220218 [SECURITY] [DSA 5081-1] redis security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-security-announce/2022/msg00048.html"}, {"name": "DSA-5081", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2022/dsa-5081"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20220331-0004/"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html"}], "source": {"advisory": "DSA-5081-1", "discovery": "EXTERNAL"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@debian.org", "DATE_PUBLIC": "2022-02-18T00:00:00.000Z", "ID": "CVE-2022-0543", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "redis", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Debian"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Lua sandbox escape"}]}]}, "references": {"reference_data": [{"name": "https://bugs.debian.org/1005787", "refsource": "MISC", "url": "https://bugs.debian.org/1005787"}, {"name": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce", "refsource": "MISC", "url": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce"}, {"name": "[debian-security-announce] 20220218 [SECURITY] [DSA 5081-1] redis security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-security-announce/2022/msg00048.html"}, {"name": "DSA-5081", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5081"}, {"name": "https://security.netapp.com/advisory/ntap-20220331-0004/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220331-0004/"}, {"name": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html"}]}, "source": {"advisory": "DSA-5081-1", "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:32:46.290Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.debian.org/1005787"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce"}, {"name": "[debian-security-announce] 20220218 [SECURITY] [DSA 5081-1] redis security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-security-announce/2022/msg00048.html"}, {"name": "DSA-5081", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2022/dsa-5081"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20220331-0004/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-862", "lang": "en", "description": "CWE-862 Missing Authorization"}]}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 10, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-01-29T20:49:14.266148Z", "id": "CVE-2022-0543", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-03-28", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-0543"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-29T20:49:19.800Z"}}]}, "cveMetadata": {"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2022-0543", "datePublished": "2022-02-18T19:25:16.932Z", "dateReserved": "2022-02-08T00:00:00.000Z", "dateUpdated": "2025-01-29T20:49:19.800Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://bugs.debian.org/1005787", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://lists.debian.org/debian-security-announce/2022/msg00048.html", "name": "[debian-security-announce] 20220218 [SECURITY] [DSA 5081-1] redis security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}, {"url": "https://www.debian.org/security/2022/dsa-5081", "name": "DSA-5081", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20220331-0004/", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:32:46.290Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 10, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-0543", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-29T20:49:14.266148Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-03-28", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-0543"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-29T20:48:50.868Z"}}], "cna": {"source": {"advisory": "DSA-5081-1", "discovery": "EXTERNAL"}, "affected": [{"vendor": "Debian", "product": "redis", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2022-02-18T00:00:00.000Z", "references": [{"url": "https://bugs.debian.org/1005787", "tags": ["x_refsource_MISC"]}, {"url": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce", "tags": ["x_refsource_MISC"]}, {"url": "https://lists.debian.org/debian-security-announce/2022/msg00048.html", "name": "[debian-security-announce] 20220218 [SECURITY] [DSA 5081-1] redis security update", "tags": ["mailing-list", "x_refsource_MLIST"]}, {"url": "https://www.debian.org/security/2022/dsa-5081", "name": "DSA-5081", "tags": ["vendor-advisory", "x_refsource_DEBIAN"]}, {"url": "https://security.netapp.com/advisory/ntap-20220331-0004/", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Lua sandbox escape"}]}], "providerMetadata": {"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian", "dateUpdated": "2022-04-27T20:06:10.000Z"}, "x_legacyV4Record": {"source": {"advisory": "DSA-5081-1", "discovery": "EXTERNAL"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "n/a"}]}, "product_name": "redis"}]}, "vendor_name": "Debian"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://bugs.debian.org/1005787", "name": "https://bugs.debian.org/1005787", "refsource": "MISC"}, {"url": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce", "name": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce", "refsource": "MISC"}, {"url": "https://lists.debian.org/debian-security-announce/2022/msg00048.html", "name": "[debian-security-announce] 20220218 [SECURITY] [DSA 5081-1] redis security update", "refsource": "MLIST"}, {"url": "https://www.debian.org/security/2022/dsa-5081", "name": "DSA-5081", "refsource": "DEBIAN"}, {"url": "https://security.netapp.com/advisory/ntap-20220331-0004/", "name": "https://security.netapp.com/advisory/ntap-20220331-0004/", "refsource": "CONFIRM"}, {"url": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html", "name": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html", "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Lua sandbox escape"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-0543", "STATE": "PUBLIC", "ASSIGNER": "security@debian.org", "DATE_PUBLIC": "2022-02-18T00:00:00.000Z"}}}}, "cveMetadata": {"cveId": "CVE-2022-0543", "state": "PUBLISHED", "dateUpdated": "2025-01-29T20:49:19.800Z", "dateReserved": "2022-02-08T00:00:00.000Z", "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "datePublished": "2022-02-18T19:25:16.932Z", "assignerShortName": "debian"}, "dataVersion": "5.1"}

{"cisaActionDue": "2022-04-18", "cisaExploitAdd": "2022-03-28", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Debian-specific Redis Server Lua Sandbox Escape Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redis:redis:-:*:*:*:*:*:*:*", "matchCriteriaId": "5EBE5E1C-C881-4A76-9E36-4FB7C48427E6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB", "vulnerable": false}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:-:*:*:*", "matchCriteriaId": "3D94DA3B-FA74-4526-A0A0-A872684598C6", "vulnerable": false}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": false}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": false}, {"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution."}, {"lang": "es", "value": "Se ha detectado que redis, una base de datos persistente de valores clave, debido a un problema de empaquetado, es propenso a un escape del sandbox de Lua (espec\u00edfico de Debian), que podr\u00eda resultar en una ejecuci\u00f3n de c\u00f3digo remota"}], "id": "CVE-2022-0543", "lastModified": "2025-01-29T21:15:11.987", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2022-02-18T20:15:17.583", "references": [{"source": "security@debian.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html"}, {"source": "security@debian.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugs.debian.org/1005787"}, {"source": "security@debian.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-security-announce/2022/msg00048.html"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20220331-0004/"}, {"source": "security@debian.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://www.debian.org/security/2022/dsa-5081"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugs.debian.org/1005787"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-security-announce/2022/msg00048.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20220331-0004/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://www.debian.org/security/2022/dsa-5081"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce"}], "sourceIdentifier": "security@debian.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-862"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}