All vulnerabilities
CVE-2014-7169
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
GNU — Bourne-Again Shell (Bash)
- Added to KEV catalog
- 28 January 2022
- Federal remediation due date
- 28 July 2022
- Weakness classification (CWE)
- CWE-78
CISA Description
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctly remediates the vulnerability in CVE-2014-6271.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2014-7169
More GNU Vulnerabilities
Confirm Your Exposure
Is this vulnerability present in your environment?
CRS delivers independent VAPT assessments that identify exactly which known-exploited vulnerabilities exist in your network, applications, and infrastructure.
Explore VAPT Services