All vulnerabilities
CVE-2014-6271
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
GNU — Bourne-Again Shell (Bash)
- Added to KEV catalog
- 28 January 2022
- Federal remediation due date
- 28 July 2022
- Weakness classification (CWE)
- CWE-78
CISA Description
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2014-6271
More GNU Vulnerabilities
Confirm Your Exposure
Is this vulnerability present in your environment?
CRS delivers independent VAPT assessments that identify exactly which known-exploited vulnerabilities exist in your network, applications, and infrastructure.
Explore VAPT Services