{"id":64503,"date":"2025-06-05T22:32:04","date_gmt":"2025-06-05T19:02:04","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-48493-redis-auth-credentials-exposed-in-yii-logs\/"},"modified":"2025-06-05T22:32:04","modified_gmt":"2025-06-05T19:02:04","slug":"cve-2025-48493-redis-auth-credentials-exposed-in-yii-logs","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-48493-redis-auth-credentials-exposed-in-yii-logs\/","title":{"rendered":"CVE-2025-48493 &#8211; &#8220;Redis AUTH Credentials Exposed in Yii Logs&#8221;"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-48493<br \/>\n<br \/>\n<strong>Published : <\/strong> June 5, 2025, 5:15 p.m. | 1\u00a0hour, 25\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>The Yii 2 Redis extension provides the redis key-value store support for the Yii framework 2.0. On failing connection, the extension writes commands sequence to logs. Prior to version 2.0.20, AUTH parameters are written in plain text exposing username and password. That might be an issue if attacker has access to logs. Version 2.0.20 fixes the issue.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 0.0 | NA<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-48493 Published : June 5, 2025, 5:15 p.m. | 1\u00a0hour, 25\u00a0minutes ago Description : The Yii 2 Redis extension provides the redis key-value store support for the Yii framework 2.0. On failing connection, the extension writes commands sequence to logs. Prior to version 2.0.20, AUTH parameters are written in plain text exposing &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-64503","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/64503","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=64503"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/64503\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=64503"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=64503"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=64503"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}