Free
CVE Series: Redis (CVE-2022-0543)
The Redis vulnerability (CVE-2022-0543) is a critical flaw impacting Linux systems across the globe. By exploiting this vulnerability, any user can remotely execute commands as a root user on a system. Take our course to exploit and mitigate the vulnerability in a secure lab environment, giving you the skills you need to protect your organization.
1
H
20
M
Time
intermediate
difficulty
2
ceu/cpe
Course Content
Introduction and Background
Redis Vulnerability Exploitation
Identifying the Redis Vulnerability
Redis Vulnerability Exploitation
Exploiting the Redis Vulnerability
Redis Vulnerability Exploitation
Course Description
Who should take this course?
This course is for seasoned red teamers, penetration testers, security and vulnerability assessment analysts, and system administrators who want to know how to exploit and protect against the latest vulnerabilities impacting enterprise systems.Why take this course?
Redis, or Remote Dictionary Server, is an open-source, NoSQL in-memory data structure store that has gained considerable popularity among developers due to its fast performance. In January 2022, security researcher Reginaldo Silva discovered a vulnerability that allows for a Lua scripting engine sandbox escape on Debian and Debian-derived Linux distros running Redis. As a result of this package variable flaw, adversaries can access a system remotely, bypass security access policies or controls, and execute arbitrary commands on the host server. Due to the severity of the vulnerability, CVE-2022-0543 has earned the highest possible CVSS score of 10.0. Get hands-on experience exploiting this vulnerability in a secure virtual lab and develop the skills you need to protect your environment.What makes this course different from other courses on similar topics?
After completing this course, you will be able to:This course is taught by Raymond Evans, a member of the CyDefe team. CyDefe develops and operates capture-the-flag (CTF) style environments, and this course focuses on presenting learners with virtual labs where you can dirctly apply what you've learned.