The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging "limited access to the machine."