CVE-2024-6875
📋 TL;DR
This vulnerability in Infinispan's REST compare API (the action that diffs a submitted cache configuration against a running cache) allows an attacker who can reach the REST endpoint to cause a buffer leak: the buffer holding each large POST body is not released, so continuous requests with large POST data exhaust memory and trigger out-of-memory errors. This affects Red Hat Data Grid deployments using the vulnerable REST API component. The result is a denial of service; no data disclosure or modification is described.
💻 Affected Systems
- Red Hat Data Grid
- Infinispan
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete service outage due to out-of-memory errors causing the Infinispan instance to crash, potentially affecting dependent applications and data availability.
Likely Case
Degraded performance and intermittent service disruptions as memory resources are exhausted, requiring manual intervention to restart services.
If Mitigated
Minimal impact with proper rate limiting, request size limits, and monitoring in place to detect abnormal request patterns.
🎯 Exploit Status
Exploitation requires sending continuous large POST requests to the REST compare API endpoint, which is straightforward to automate.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check Red Hat advisory for specific fixed versions
Vendor Advisory: https://access.redhat.com/security/cve/CVE-2024-6875
Restart Required: Yes
Instructions:
1. Review the Red Hat advisory for the exact fixed version.
2. Update Red Hat Data Grid (or Infinispan) to the patched version.
3. Restart the Infinispan services.
4. Verify the fix by checking the running version and monitoring memory usage under normal REST traffic.
🔧 Temporary Workarounds
Disable REST compare API
Block the compare action if you do not need it. Infinispan has no separate switch for this one action, so reject it in a reverse proxy or firewall in front of the REST endpoint (the compare action is sent as a POST to a cache resource under /rest/v2/caches/ with action=compare; confirm the exact path against your server's version), or restrict it with Infinispan's authorization roles.
Implement request size limits
Configure the reverse proxy or application firewall to cap POST body sizes on the REST API (e.g. nginx: client_max_body_size). A cache configuration is small, so a low cap on cache-level requests costs nothing and keeps a single request from pinning a large buffer.
🧯 If You Can't Patch
- Implement strict rate limiting on REST API endpoints
- Deploy web application firewall with request size and rate limiting rules
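The following nginx configuration is an added example, not from the advisory or the Infinispan project, that combines the three interim controls above: a hard body cap on cache-configuration requests, per-client rate limiting applied only to the compare action, and an optional outright block of compare. The upstream address 127.0.0.1:11222, the 64k cap and the 1r/s rate are assumptions; size them for your own clients.

```nginx
# Added example: nginx fronting an Infinispan server's REST endpoint.
# Upstream address, body caps and rate are assumptions, not vendor values.

# Only requests carrying ?action=compare get a rate-limit key; an empty key
# makes limit_req skip the request, so other REST traffic is unaffected.
map $arg_action $compare_client {
    compare  $binary_remote_addr;
    default  "";
}
limit_req_zone $compare_client zone=ispn_compare:10m rate=1r/s;

upstream infinispan {
    server 127.0.0.1:11222;
}

server {
    listen 443 ssl;
    # ssl_certificate / ssl_certificate_key omitted

    # General REST traffic: modest body cap, no per-endpoint throttle.
    location / {
        client_max_body_size 1m;
        proxy_pass http://infinispan;
    }

    # /rest/v2/caches/{name}: bodies here are cache configurations (create
    # or compare), which are small. Cap them hard and throttle compare per
    # client so nginx answers 413 or 503 before Infinispan buffers the body.
    location ~ ^/rest/v2/caches/[^/]+$ {
        client_max_body_size 64k;
        limit_req zone=ispn_compare burst=5 nodelay;

        # Workaround 1 (disable the compare action entirely): uncomment.
        # if ($arg_action = "compare") { return 403; }

        proxy_pass http://infinispan;
    }
}
```

Reload with `nginx -t && nginx -s reload`, then confirm that a compare POST over 64k is answered with 413 by nginx and never reaches the Infinispan access log, while normal key reads and writes under /rest/v2/caches/{name}/{key} still pass through the first location.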
🔍 How to Verify
Check if Vulnerable:
Confirm that the server exposes the REST endpoint (port 11222 by default) and that the running version is older than the fixed version named in the Red Hat advisory. Any server whose REST v2 API accepts the cache compare action is in scope until patched.
Check Version:
Read the Data Grid/Infinispan version from the Console (About) or from the REST API: GET /rest/v2/server returns a JSON document whose "version" field contains the running version string.
Verify Fix Applied:
Verify updated to patched version and monitor memory usage during normal REST API operations.
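The script below is an added example, not part of this page or of Infinispan, that automates the version check above: it reads GET /rest/v2/server, pulls the x.y.z number out of the "version" field and compares it against a fixed version you supply from the Red Hat advisory (no fixed version is asserted here). The sample JSON is constructed, and HTTP basic auth against the REST endpoint is an assumption; use whatever mechanism your security realm enables.

```python
import json
import re
import sys
import urllib.request
from base64 import b64encode

# Constructed sample of the /rest/v2/server payload. The codename and the
# version number are illustrative and say nothing about which versions are
# affected; the advisory is the source of truth for the fixed version.
SAMPLE_SERVER_JSON = '{"version":"Infinispan \'Sample\' 15.0.4.Final"}'

VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(server_json):
    """Return (major, minor, micro) from the /rest/v2/server JSON."""
    version_str = json.loads(server_json)["version"]
    m = VERSION_RE.search(version_str)
    if not m:
        raise ValueError("no x.y.z version found in %r" % version_str)
    return tuple(int(g) for g in m.groups())


def is_at_least(running, fixed):
    """Tuple comparison: (15, 0, 5) >= (15, 0, 4) is True."""
    return tuple(running) >= tuple(fixed)


def check(server_json, fixed_version):
    """Summarise whether the reported version is at or past fixed_version."""
    running = parse_version(server_json)
    return {
        "running": running,
        "fixed": tuple(fixed_version),
        "patched": is_at_least(running, fixed_version),
    }


def fetch_server_json(base_url, user, password, timeout=5):
    """GET /rest/v2/server with HTTP basic auth (assumed to be enabled)."""
    req = urllib.request.Request(base_url.rstrip("/") + "/rest/v2/server")
    token = b64encode(("%s:%s" % (user, password)).encode()).decode()
    req.add_header("Authorization", "Basic " + token)
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read().decode()


if __name__ == "__main__":
    # usage: python check_ispn_version.py https://host:11222 USER PASS X.Y.Z
    # where X.Y.Z is the fixed version taken from the Red Hat advisory.
    base_url, user, password, fixed = sys.argv[1:5]
    fixed_version = tuple(int(p) for p in fixed.split("."))
    result = check(fetch_server_json(base_url, user, password), fixed_version)
    print(result)
    sys.exit(0 if result["patched"] else 1)
```

The exit status makes the script usable from a fleet check: non-zero means the reported version is below the fixed version you passed in. A version check alone does not prove the leak is gone on a rebuilt or patched-in-place server, so pair it with the memory monitoring described above.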
📡 Detection & Monitoring
Log Indicators:
- High memory usage alerts
- OutOfMemoryError in logs
- Unusually large POST requests to REST compare endpoint
- Frequent garbage collection events
Network Indicators:
- High volume of large POST requests to the REST API from one or a few sources
- Repeated POSTs to cache resources under /rest/v2/caches/ carrying action=compare (the compare action's path in the Infinispan REST v2 API; confirm against your version)
SIEM Query:
(source="infinispan" AND "java.lang.OutOfMemoryError") OR (http_method="POST" AND uri_path="/rest/v2/caches/*" AND uri_query="*action=compare*" AND content_length>threshold)
Set threshold to a few times the size of your largest legitimate cache configuration, and adapt the field names to your log schema.
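Where no SIEM is in front of the server, the same detection can be run over the REST access log. The script below is an added example, not from the page or the Infinispan project: it parses constructed CLF-style lines (client, user, timestamp, request line, status, request-body bytes), keeps only POSTs to the compare action whose body exceeds a size threshold, and alerts on any client that sends three or more of them inside a sliding 60-second window. Infinispan's REST access log can be configured to emit these fields in a different order; adjust LOG_RE to match your pattern. The IPs, timestamps and sizes are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines in a CLF-like layout:
# client user [time] "METHOD path proto" status request_bytes
SAMPLE_LOG = """\
10.0.0.5 - [15/Jul/2024:10:00:00 +0000] "POST /rest/v2/caches/default?action=compare HTTP/1.1" 204 5242880
10.0.0.5 - [15/Jul/2024:10:00:01 +0000] "POST /rest/v2/caches/default?action=compare HTTP/1.1" 204 5242880
10.0.0.5 - [15/Jul/2024:10:00:02 +0000] "POST /rest/v2/caches/default?action=compare HTTP/1.1" 204 5242880
10.0.0.5 - [15/Jul/2024:10:00:03 +0000] "POST /rest/v2/caches/default?action=compare HTTP/1.1" 204 5242880
10.0.0.5 - [15/Jul/2024:10:00:04 +0000] "POST /rest/v2/caches/default?action=compare HTTP/1.1" 204 5242880
10.0.0.9 - [15/Jul/2024:10:00:05 +0000] "POST /rest/v2/caches/default?action=compare HTTP/1.1" 204 812
10.0.0.5 - [15/Jul/2024:10:00:06 +0000] "GET /rest/v2/caches/default HTTP/1.1" 200 0
10.0.0.7 - [15/Jul/2024:10:03:00 +0000] "POST /rest/v2/caches/default?action=compare HTTP/1.1" 409 6000000
10.0.0.7 - [15/Jul/2024:10:05:00 +0000] "POST /rest/v2/caches/default?action=compare HTTP/1.1" 409 6000000
"""

LOG_RE = re.compile(
    r'^(?P<client>\S+) (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<req_bytes>\d+)$'
)
# Compare action on a cache resource in the Infinispan REST v2 API.
COMPARE_RE = re.compile(r"^/rest/v2/caches/[^/?]+\?.*\baction=compare\b")


def parse_line(line):
    """Return a dict for a well-formed line, or None for anything else."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["req_bytes"] = int(rec["req_bytes"])
    return rec


def is_large_compare(rec, min_bytes):
    """True for a compare POST whose body is at least min_bytes."""
    return (
        rec["method"] == "POST"
        and COMPARE_RE.match(rec["path"]) is not None
        and rec["req_bytes"] >= min_bytes
    )


def detect_bursts(lines, min_bytes=1_048_576, window_s=60, max_hits=3):
    """Return {client: time of first alert} for every client that sent
    max_hits or more large compare POSTs within any window_s-second
    sliding window. The threshold defaults are assumptions; tune min_bytes
    to a few times your largest legitimate cache configuration."""
    recent = defaultdict(deque)   # client -> timestamps of recent hits
    alerts = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None or not is_large_compare(rec, min_bytes):
            continue
        q = recent[rec["client"]]
        q.append(rec["ts"])
        # Drop hits that fell out of the window.
        while (rec["ts"] - q[0]).total_seconds() > window_s:
            q.popleft()
        if len(q) >= max_hits and rec["client"] not in alerts:
            alerts[rec["client"]] = rec["ts"]
    return alerts


if __name__ == "__main__":
    for client, when in detect_bursts(SAMPLE_LOG.splitlines()).items():
        print("ALERT %s: large compare burst starting %s" % (client, when.isoformat()))
```

On the constructed sample only 10.0.0.5 fires: 10.0.0.9 sends a small body and 10.0.0.7's two large requests are two minutes apart. Note that the 409 responses are not a filter, since the leak occurs whether the submitted configuration matches or not; request count and body size are the signal.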