redis
Fixed versions
24.1.1
23.2.1
CVE-2024-6121 stems from the inclusion of an outdated Redis version within NI SystemLink Server and NI FlexLogger. This outdated version inherits vulnerabilities, notably CVE-2022-24834, potentially allowing unauthorized access and control. The vulnerability impacts NI SystemLink Server versions 2024 Q1 and earlier, as well as NI FlexLogger versions 2023 Q2 and earlier that utilize the shared Redis service. Applying the update to version 24.1.1 resolves this issue.
The presence of an outdated Redis instance within NI SystemLink Server and NI FlexLogger creates a significant attack surface. CVE-2022-24834, inherited through this vulnerability, allows for remote code execution (RCE) if an attacker can interact with the Redis server. This could involve sending specially crafted commands to gain control of the affected system. Successful exploitation could lead to data breaches, system compromise, and potentially lateral movement within the network if SystemLink Server or FlexLogger has network access to other systems. The blast radius extends to any data processed or managed by SystemLink Server or FlexLogger, including sensitive operational data and configuration information. While specific exploitation patterns targeting this exact configuration are not widely publicized, the underlying Redis vulnerability is well understood, and attackers could adapt existing exploits.
CVE-2024-6121 is a consequence of using an outdated Redis version, inheriting the risks associated with CVE-2022-24834. The EPSS score is likely to be medium, given the potential for RCE and the widespread use of Redis. Public proof-of-concept (POC) exploits exist for CVE-2022-24834, which could be adapted to target this specific configuration. The vulnerability was published on 2024-07-22. There is no indication of active campaigns specifically targeting this vulnerability at this time, but the underlying Redis vulnerability remains a significant threat.
Exploitation status
EPSS
0.13% (33rd percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-6121 is to upgrade NI SystemLink Server and NI FlexLogger to version 24.1.1 or later. Prior to upgrading, it is crucial to review the NI release notes for any potential breaking changes and to test the upgrade in a non-production environment. If an immediate upgrade is not feasible, consider implementing network segmentation to restrict access to the Redis instance from untrusted networks. Firewall rules should be configured to only allow necessary connections to the Redis port (typically 6379). Monitor Redis logs for suspicious activity and implement intrusion detection system (IDS) signatures to detect known Redis attack patterns. After upgrading to version 24.1.1, verify the upgrade's success by confirming the Redis version is updated and that SystemLink Server and FlexLogger functionalities operate as expected.
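As an added example of the post-upgrade verification step (not code from NI or the Redis project), the script below parses `redis-cli INFO server` output and compares the reported `redis_version` against a minimum patched version. The minimum version is an assumption the caller supplies from NI's release notes, and the sample INFO text is constructed.

```python
"""Added example: verify a Redis instance reports a patched version after the
SystemLink/FlexLogger upgrade. The minimum patched version is NOT taken from
this page; the caller supplies it from NI's release notes (demo value is a
placeholder)."""
import re
import subprocess

# Constructed sample of `INFO server` output, trimmed to the relevant fields.
SAMPLE_INFO = "# Server\r\nredis_version:7.0.12\r\nredis_mode:standalone\r\ntcp_port:6379\r\n"


def parse_info(info_text: str) -> dict:
    """Turn Redis INFO output ('key:value' lines, '#' section headers) into a dict."""
    fields = {}
    for line in info_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        key, _, value = line.partition(":")
        fields[key] = value
    return fields


def parse_version(version: str) -> tuple:
    """Convert '7.0.12' (or '7.0.12-rc1') into (7, 0, 12); non-numeric suffixes are dropped."""
    numbers = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not numbers:
        raise ValueError(f"unrecognised Redis version string: {version!r}")
    return tuple(int(n) for n in numbers.groups())


def version_is_patched(info_text: str, min_version: str) -> bool:
    """True when INFO reports redis_version >= min_version.
    A missing redis_version field counts as unpatched so the check never passes by accident."""
    fields = parse_info(info_text)
    if "redis_version" not in fields:
        return False
    return parse_version(fields["redis_version"]) >= parse_version(min_version)


def check_live_instance(min_version: str, host: str = "127.0.0.1", port: int = 6379) -> bool:
    """Query a running instance with redis-cli and apply the same check (needs redis-cli on PATH)."""
    out = subprocess.run(["redis-cli", "-h", host, "-p", str(port), "INFO", "server"],
                         capture_output=True, text=True, check=True).stdout
    return version_is_patched(out, min_version)


if __name__ == "__main__":
    # PLACEHOLDER threshold: replace with the patched Redis version from NI's release notes.
    print(version_is_patched(SAMPLE_INFO, "7.0.0"))
```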
Update NI SystemLink Server to a version that includes an updated Redis version. Consult the NI SystemLink Server release notes for information about the bundled Redis version. If updating NI SystemLink Server is not possible, consider updating Redis manually where that is possible and supported by NI.
It's a vulnerability affecting NI SystemLink Server and NI FlexLogger due to an outdated Redis version, inheriting risks from CVE-2022-24834.
If you are using NI SystemLink Server versions 2024 Q1 and earlier, or NI FlexLogger versions 2023 Q2 and earlier that use the shared Redis service, you are potentially affected.
Upgrade NI SystemLink Server and NI FlexLogger to version 24.1.1 or later. Test the upgrade in a non-production environment first.
While no active campaigns targeting this specific configuration are known, the underlying Redis vulnerability is actively exploited, and existing POCs could be adapted.
Refer to the National Vulnerability Database (NVD) entry for CVE-2024-6121 and NI's official security advisories for detailed information and updates.