^{CVE-2025-21605:}Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not limit the output buffer of normal clients (see client-output-buffer-limit). Therefore, the output buffer can grow unlimitedly over time. As a result, the service is exhausted and the memory is unavailable. When password authentication is enabled on the Redis server, but no password is provided, the client can still cause the output buffer to grow from "NOAUTH" responses until the system will run out of memory. This issue has been patched in version 7.4.3. An additional workaround to mitigate this problem without patching the redis-server executable is to block access to prevent unauthenticated users from connecting to Redis. This can be done in different ways. Either using network access control tools like firewalls, iptables, security groups, etc, or enabling TLS and requiring users to authenticate using client side certificates.

Industry ExposureMost to least

This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

1. Manufacturing
   Manufacturing
2. Professional, Scientific, & Technical Services
   Professional, Scientific, & Technical Services
3. Health Care & Social Assistance
   Health Care & Social Assistance
4. Retail Trade
   Retail Trade
5. Finance and Insurance
   Finance and Insurance
6. Public Administration
   Public Administration
7. Transportation & Warehousing
   Transportation & Warehousing
8. Arts, Entertainment & Recreation
   Arts, Entertainment & Recreation
9. Educational Services
   Educational Services
10. Management of Companies & Enterprises
    Management of Companies & Enterprises
11. Utilities
    Utilities
12. Information
    Information
13. Other Services (except Public Administration)
    Other Services (except Public Administration)
14. Accommodation & Food Services
    Accommodation & Food Services
15. Administrative, Support, Waste Management & Remediation Services
    Administrative, Support, Waste Management & Remediation Services
16. Agriculture, Forestry Fishing & Hunting
    Agriculture, Forestry Fishing & Hunting
17. Construction
    Construction
18. Mining
    Mining
19. Real Estate Rental & Leasing
    Real Estate Rental & Leasing
20. Wholesale Trade
    Wholesale Trade