What is the CVSS score of CVE-2024-51741?

CVE-2024-51741 has a CVSS 3.1 base score of 4.4 (Medium). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. EPSS exploitation probability: 0.2%.

Which versions of Redis are affected by CVE-2024-51741?

Organizations using Redis should be aware of moderate risk from CVE-2024-51741, a input validation vulnerability rated CVSS 4.4. Exploitation could compromise the security of affected deployments.. A patch is available.

How to fix or mitigate CVE-2024-51741?

During next maintenance window: Identify affected systems and apply vendor patches when convenient. Monitor vendor channels for patch availability.

Redis CVE-2024-51741

MEDIUM

Improper Input Validation (CWE-20)

2025-01-06 security-advisories@github.com

Denial Of Service Redis Red Hat Suse

4.4

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Patch released

Apr 02, 2026 - 14:30 nvd

Patch available

Analysis Generated

Mar 28, 2026 - 18:02 vuln.today

CVE Published

Jan 06, 2025 - 22:15 nvd

MEDIUM 4.4

DescriptionNVD

Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem is fixed in Redis 7.2.7 and 7.4.2.

AnalysisAI

Redis is an open source, in-memory database that persists on disk. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-20. Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem is fixed in Redis 7.2.7 and 7.4.2. Affected products include: Redis.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.