{"id":16524,"date":"2025-10-18T00:00:23","date_gmt":"2025-10-17T16:00:23","guid":{"rendered":"https:\/\/www.quape.com\/?p=16524"},"modified":"2025-10-18T00:02:25","modified_gmt":"2025-10-17T16:02:25","slug":"critical-redis-vulnerability-cve-2025-49844","status":"publish","type":"post","link":"https:\/\/www.quape.com\/id\/critical-redis-vulnerability-cve-2025-49844\/","title":{"rendered":"Critical Redis Vulnerability (CVE-2025-49844)"},"content":{"rendered":"<div id=\"bsf_rt_marker\"><\/div>\n<h3 data-start=\"245\" data-end=\"261\"><span class=\"ez-toc-section\" id=\"Overview\"><\/span><strong data-start=\"249\" data-end=\"261\">Overview<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"262\" data-end=\"595\">Redis has released a <strong data-start=\"283\" data-end=\"311\">critical security update<\/strong> to patch a newly discovered vulnerability (<strong data-start=\"355\" data-end=\"373\">CVE-2025-49844<\/strong>) that poses a serious threat to servers running affected Redis versions.<br data-start=\"446\" data-end=\"449\" \/>This flaw has been assigned a <strong data-start=\"479\" data-end=\"515\">CVSS v3.1 score of 9.9 out of 10<\/strong>, marking it as one of the most severe vulnerabilities in recent Redis releases.<\/p>\n<hr data-start=\"597\" data-end=\"600\" \/>\n<h3 data-start=\"602\" data-end=\"616\"><span 
class=\"ez-toc-section\" id=\"Impact\"><\/span><strong data-start=\"606\" data-end=\"616\">Impact<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"617\" data-end=\"926\">An <strong data-start=\"620\" data-end=\"646\">authenticated attacker<\/strong> can exploit this vulnerability by uploading a <strong data-start=\"695\" data-end=\"725\">maliciously crafted script<\/strong>, potentially leading to <strong data-start=\"750\" data-end=\"781\">remote code execution (RCE)<\/strong> on the Redis host.<br data-start=\"800\" data-end=\"803\" \/>Successful exploitation can result in <strong data-start=\"841\" data-end=\"864\">unauthorized access<\/strong>, <strong data-start=\"866\" data-end=\"885\">data compromise<\/strong>, or even <strong data-start=\"897\" data-end=\"925\">complete system takeover<\/strong>.<\/p>\n<hr data-start=\"928\" data-end=\"931\" \/>\n<h3 data-start=\"933\" data-end=\"958\"><span class=\"ez-toc-section\" id=\"Affected_Versions\"><\/span><strong data-start=\"937\" data-end=\"958\">Affected Versions<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"959\" data-end=\"1001\">The following Redis versions are affected:<\/p>\n<ul data-start=\"1003\" data-end=\"1267\">\n<li data-start=\"1003\" data-end=\"1113\">\n<p data-start=\"1005\" data-end=\"1033\"><strong data-start=\"1005\" data-end=\"1023\">Redis Software<\/strong> prior to:<\/p>\n<ul data-start=\"1036\" data-end=\"1113\">\n<li data-start=\"1036\" data-end=\"1049\">\n<p data-start=\"1038\" data-end=\"1049\">7.22.2-12<\/p>\n<\/li>\n<li data-start=\"1052\" data-end=\"1065\">\n<p data-start=\"1054\" data-end=\"1065\">7.8.6-207<\/p>\n<\/li>\n<li data-start=\"1068\" data-end=\"1081\">\n<p data-start=\"1070\" data-end=\"1081\">7.4.6-272<\/p>\n<\/li>\n<li data-start=\"1084\" data-end=\"1097\">\n<p data-start=\"1086\" data-end=\"1097\">7.2.4-138<\/p>\n<\/li>\n<li data-start=\"1100\" 
data-end=\"1113\">\n<p data-start=\"1102\" data-end=\"1113\">6.4.2-131<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<li data-start=\"1114\" data-end=\"1208\">\n<p data-start=\"1116\" data-end=\"1159\"><strong data-start=\"1116\" data-end=\"1149\">Redis OSS \/ Community Edition<\/strong> prior to:<\/p>\n<ul data-start=\"1162\" data-end=\"1208\">\n<li data-start=\"1162\" data-end=\"1171\">\n<p data-start=\"1164\" data-end=\"1171\">8.2.2<\/p>\n<\/li>\n<li data-start=\"1174\" data-end=\"1183\">\n<p data-start=\"1176\" data-end=\"1183\">8.0.4<\/p>\n<\/li>\n<li data-start=\"1186\" data-end=\"1195\">\n<p data-start=\"1188\" data-end=\"1195\">7.4.6<\/p>\n<\/li>\n<li data-start=\"1198\" data-end=\"1208\">\n<p data-start=\"1200\" data-end=\"1208\">7.2.11<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<li data-start=\"1209\" data-end=\"1267\">\n<p data-start=\"1211\" data-end=\"1236\"><strong data-start=\"1211\" data-end=\"1226\">Redis Stack<\/strong> prior to:<\/p>\n<ul data-start=\"1239\" data-end=\"1267\">\n<li data-start=\"1239\" data-end=\"1251\">\n<p data-start=\"1241\" data-end=\"1251\">7.4.0-v7<\/p>\n<\/li>\n<li data-start=\"1254\" data-end=\"1267\">\n<p data-start=\"1256\" data-end=\"1267\">7.2.0-v19<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<hr data-start=\"1269\" data-end=\"1272\" \/>\n<h3 data-start=\"1274\" data-end=\"1311\"><span class=\"ez-toc-section\" id=\"Mitigation_and_Best_Practices\"><\/span><strong data-start=\"1278\" data-end=\"1311\">Mitigation and Best Practices<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"1312\" data-end=\"1485\">Redis users and administrators are <strong data-start=\"1347\" data-end=\"1389\">strongly advised to update immediately<\/strong> to the latest patched version.<br data-start=\"1420\" data-end=\"1423\" \/>If upgrading is not possible, apply the following precautions:<\/p>\n<ul data-start=\"1487\" data-end=\"1665\">\n<li data-start=\"1487\" data-end=\"1551\">\n<p data-start=\"1489\" 
data-end=\"1551\">Restrict Redis access to <strong data-start=\"1514\" data-end=\"1543\">trusted internal networks<\/strong> only.<\/p>\n<\/li>\n<li data-start=\"1552\" data-end=\"1604\">\n<p data-start=\"1554\" data-end=\"1604\"><strong data-start=\"1554\" data-end=\"1591\">Disable or monitor script uploads<\/strong> carefully.<\/p>\n<\/li>\n<li data-start=\"1605\" data-end=\"1665\">\n<p data-start=\"1607\" data-end=\"1665\">Review <strong data-start=\"1614\" data-end=\"1639\">system and Redis logs<\/strong> for unusual activity.<\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"1667\" data-end=\"1670\" \/>\n<h3 data-start=\"1672\" data-end=\"1712\"><span class=\"ez-toc-section\" id=\"How_QUAPE_Protects_Our_Customers\"><\/span><strong data-start=\"1676\" data-end=\"1712\">How QUAPE Protects Our Customers<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p data-start=\"1713\" data-end=\"2054\">At <strong data-start=\"1716\" data-end=\"1725\">QUAPE<\/strong>, security is our top priority.<br data-start=\"1756\" data-end=\"1759\" \/>To reduce the risk of external exploitation, <strong data-start=\"1805\" data-end=\"1856\">all external Redis ports are blocked by default<\/strong> on our hosting infrastructure.<br data-start=\"1887\" data-end=\"1890\" \/>Redis services can only be accessed through <strong data-start=\"1929\" data-end=\"1958\">secure internal networks<\/strong> or <strong data-start=\"1962\" data-end=\"1999\">via authenticated connections<\/strong>, significantly reducing exposure to potential attacks.<\/p>\n<p data-start=\"2056\" data-end=\"2175\">We have also verified that all Redis instances managed by QUAPE are <strong data-start=\"2124\" data-end=\"2152\">patched and unaffected<\/strong> by this vulnerability.<\/p>\n<p data-start=\"2177\" data-end=\"2394\">For clients operating their own Redis servers, we strongly recommend applying the latest updates immediately.<br data-start=\"2286\" data-end=\"2289\" \/>If you need assistance verifying the security of your environment, our technical team is ready to help.<\/p>\n<hr data-start=\"2396\" data-end=\"2399\" \/>\n<p data-start=\"2401\" data-end=\"2492\">\ud83d\udcd8 <strong data-start=\"2404\" data-end=\"2418\">Reference:<\/strong><br data-start=\"2418\" data-end=\"2421\" \/>https:\/\/redis.io\/blog\/security-advisory-cve-2025-49844\/<\/p>","protected":false},"excerpt":{"rendered":"<p>Overview Redis has released a critical security update to patch a newly discovered vulnerability (CVE-2025-49844) that poses a serious threat to servers running affected Redis versions. This flaw has been assigned a CVSS v3.1 score of 9.9 out of 10, marking it as one of the most severe vulnerabilities in recent Redis releases. Impact An authenticated [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":16527,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[93],"tags":[],"class_list":["post-16524","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security"],"_links":{"self":[{"href":"https:\/\/www.quape.com\/id\/wp-json\/wp\/v2\/posts\/16524","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.quape.com\/id\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.quape.com\/id\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.quape.com\/id\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.quape.com\/id\/wp-json\/wp\/v2\/comments?post=16524"}],"version-history":[{"count":2,"href":"https:\/\/www.quape.com\/id\/wp-json\/wp\/v2\/posts\/16524\/revisions"}],"predecessor-version":[{"id":16526,"href":"https:\/\/www.quape.com\/id\/wp-json\/wp\/v2\/posts\/16524\/revisions\/16526"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.quap
e.com\/id\/wp-json\/wp\/v2\/media\/16527"}],"wp:attachment":[{"href":"https:\/\/www.quape.com\/id\/wp-json\/wp\/v2\/media?parent=16524"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.quape.com\/id\/wp-json\/wp\/v2\/categories?post=16524"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.quape.com\/id\/wp-json\/wp\/v2\/tags?post=16524"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}