Redis Enterprise Elevation of Privilege Vulnerability Affecting Redis Labs
CVE-2025-59271

8.7HIGH

Key Information:

Vendor: Microsoft
Status: Azure Cache For Redis Enterprise; Azure Managed Redis
Vendor: CVE Published:; 9 October 2025

What is CVE-2025-59271?

The Redis Enterprise platform has known vulnerabilities that allow an attacker to elevate privileges, potentially leading to unauthorized access to sensitive information and system controls. Proper mitigation strategies are essential for maintaining system integrity and safeguarding user data. It is crucial for organizations using Redis Enterprise to remain informed about this vulnerability and implement the recommended updates to secure their environments.

Affected Version(s)

Azure Cache for Redis Enterprise Unknown

Azure Managed Redis Unknown

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 9, 2025
Vulnerability Reserved
Sep 11, 2025

JSON

Microsoft

What is CVE-2025-59271?

Affected Version(s)

References

CVSS V3.1

Timeline