CVE-2014-6271

Warning

Exploit

EPSS 94.22%
Published 24.09.2014 18:48:04
Last modified 12.04.2025 10:46:40
Source security@debian.org
Teams watchlist Login
Open Login

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock."  NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

Affected products Warnungen 1 Metrics 4 CWE 1 References 173

Data is provided by the National Vulnerability Database (NVD)

Gnu ≫ Bash Version <= 4.3

Arista ≫ Eos Version >= 4.9.0 < 4.9.12

Arista ≫ Eos Version >= 4.10.0 < 4.10.9

Arista ≫ Eos Version >= 4.11.0 < 4.11.11

Arista ≫ Eos Version >= 4.12.0 < 4.12.9

Arista ≫ Eos Version >= 4.13.0 < 4.13.9

Arista ≫ Eos Version >= 4.14.0 < 4.14.4f

Oracle ≫ Linux Version4

Oracle ≫ Linux Version5 Update-

Oracle ≫ Linux Version6 Update-

Qnap ≫ Qts Version < 4.1.1

Qnap ≫ Qts Version4.1.1 Update-

Qnap ≫ Qts Version4.1.1 Updatebuild_0927

Mageia ≫ Mageia Version3.0

Mageia ≫ Mageia Version4.0

Redhat ≫ Gluster Storage Server For On-premise Version2.1

Redhat ≫ Virtualization Version3.4

Redhat ≫ Enterprise Linux Version4.0

Redhat ≫ Enterprise Linux Version5.0

Redhat ≫ Enterprise Linux Version6.0

Redhat ≫ Enterprise Linux Version7.0

Redhat ≫ Enterprise Linux Desktop Version5.0

Redhat ≫ Enterprise Linux Desktop Version6.0

Redhat ≫ Enterprise Linux Desktop Version7.0

Redhat ≫ Enterprise Linux Eus Version5.9

Redhat ≫ Enterprise Linux Eus Version6.4

Redhat ≫ Enterprise Linux Eus Version6.5

Redhat ≫ Enterprise Linux Eus Version7.3

Redhat ≫ Enterprise Linux Eus Version7.4

Redhat ≫ Enterprise Linux Eus Version7.5

Redhat ≫ Enterprise Linux Eus Version7.6

Redhat ≫ Enterprise Linux Eus Version7.7

Redhat ≫ Enterprise Linux For Ibm Z Systems Version5.9_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Version6.4_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Version6.5_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Version7.3_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Version7.4_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Version7.5_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Version7.6_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Version7.7_s390x

Redhat ≫ Enterprise Linux For Power Big Endian Version5.0_ppc

Redhat ≫ Enterprise Linux For Power Big Endian Version5.9_ppc

Redhat ≫ Enterprise Linux For Power Big Endian Version6.0_ppc64

Redhat ≫ Enterprise Linux For Power Big Endian Version6.4_ppc64

Redhat ≫ Enterprise Linux For Power Big Endian Version7.0_ppc64

Redhat ≫ Enterprise Linux For Power Big Endian Eus Version6.5_ppc64

Redhat ≫ Enterprise Linux For Power Big Endian Eus Version7.3_ppc64

Redhat ≫ Enterprise Linux For Power Big Endian Eus Version7.4_ppc64

Redhat ≫ Enterprise Linux For Power Big Endian Eus Version7.5_ppc64

Redhat ≫ Enterprise Linux For Power Big Endian Eus Version7.6_ppc64

Redhat ≫ Enterprise Linux For Power Big Endian Eus Version7.7_ppc64

Redhat ≫ Enterprise Linux For Scientific Computing Version6.0

Redhat ≫ Enterprise Linux For Scientific Computing Version7.0

Redhat ≫ Enterprise Linux Server Version5.0

Redhat ≫ Enterprise Linux Server Version6.0

Redhat ≫ Enterprise Linux Server Version7.0

Redhat ≫ Enterprise Linux Server Aus Version5.6

Redhat ≫ Enterprise Linux Server Aus Version5.9

Redhat ≫ Enterprise Linux Server Aus Version6.2

Redhat ≫ Enterprise Linux Server Aus Version6.4

Redhat ≫ Enterprise Linux Server Aus Version6.5

Redhat ≫ Enterprise Linux Server Aus Version7.3

Redhat ≫ Enterprise Linux Server Aus Version7.4

Redhat ≫ Enterprise Linux Server Aus Version7.6

Redhat ≫ Enterprise Linux Server Aus Version7.7

Redhat ≫ Enterprise Linux Server From Rhui Version5.0

Redhat ≫ Enterprise Linux Server From Rhui Version6.0

Redhat ≫ Enterprise Linux Server From Rhui Version7.0

Redhat ≫ Enterprise Linux Server Tus Version6.5

Redhat ≫ Enterprise Linux Server Tus Version7.3

Redhat ≫ Enterprise Linux Server Tus Version7.6

Redhat ≫ Enterprise Linux Server Tus Version7.7

Redhat ≫ Enterprise Linux Workstation Version5.0

Redhat ≫ Enterprise Linux Workstation Version6.0

Redhat ≫ Enterprise Linux Workstation Version7.0

Suse ≫ Studio Onsite Version1.3

Opensuse ≫ Opensuse Version12.3

Opensuse ≫ Opensuse Version13.1

Opensuse ≫ Opensuse Version13.2

Suse ≫ Linux Enterprise Desktop Version11 Updatesp3

Suse ≫ Linux Enterprise Desktop Version12 Update-

Suse ≫ Linux Enterprise Server Version10 Updatesp3 SwEditionltss

Suse ≫ Linux Enterprise Server Version10 Updatesp4 SwEditionltss

Suse ≫ Linux Enterprise Server Version11 Updatesp1 SwEditionltss SwPlatform-

Suse ≫ Linux Enterprise Server Version11 Updatesp2 SwEditionltss

Suse ≫ Linux Enterprise Server Version11 Updatesp3 SwPlatform-

Suse ≫ Linux Enterprise Server Version11 Updatesp3 SwPlatformvmware

Suse ≫ Linux Enterprise Server Version12 Update-

Suse ≫ Linux Enterprise Software Development Kit Version11 Updatesp3

Suse ≫ Linux Enterprise Software Development Kit Version12 Update-

Debian ≫ Debian Linux Version7.0

Ibm ≫ Infosphere Guardium Database Activity Monitoring Version8.2

Ibm ≫ Infosphere Guardium Database Activity Monitoring Version9.0

Ibm ≫ Infosphere Guardium Database Activity Monitoring Version9.1

Ibm ≫ Pureapplication System Version >= 1.0.0.0 <= 1.0.0.4

Ibm ≫ Pureapplication System Version >= 1.1.0.0 <= 1.1.0.4

Ibm ≫ Pureapplication System Version2.0.0.0

Ibm ≫ Qradar Risk Manager Version7.1.0

Ibm ≫ Qradar Security Information And Event Manager Version7.1.0

Ibm ≫ Qradar Security Information And Event Manager Version7.1.0 Updatemr1

Ibm ≫ Qradar Security Information And Event Manager Version7.1.0 Updatemr2

Ibm ≫ Qradar Security Information And Event Manager Version7.1.1 Update-

Ibm ≫ Qradar Security Information And Event Manager Version7.1.1 Updatep1

Ibm ≫ Qradar Security Information And Event Manager Version7.1.1 Updatep2

Ibm ≫ Qradar Security Information And Event Manager Version7.1.1 Updatep3

Ibm ≫ Qradar Security Information And Event Manager Version7.1.2 Update-

Ibm ≫ Qradar Security Information And Event Manager Version7.1.2 Updatep1

Ibm ≫ Qradar Security Information And Event Manager Version7.1.2 Updatep10

Ibm ≫ Qradar Security Information And Event Manager Version7.1.2 Updatep11

Ibm ≫ Qradar Security Information And Event Manager Version7.1.2 Updatep12

Ibm ≫ Qradar Security Information And Event Manager Version7.1.2 Updatep13

Ibm ≫ Qradar Security Information And Event Manager Version7.1.2 Updatep2

Ibm ≫ Qradar Security Information And Event Manager Version7.1.2 Updatep3

Ibm ≫ Qradar Security Information And Event Manager Version7.1.2 Updatep4

Ibm ≫ Qradar Security Information And Event Manager Version7.1.2 Updatep5

Ibm ≫ Qradar Security Information And Event Manager Version7.1.2 Updatep6

Ibm ≫ Qradar Security Information And Event Manager Version7.1.2 Updatep7

Ibm ≫ Qradar Security Information And Event Manager Version7.1.2 Updatep8

Ibm ≫ Qradar Security Information And Event Manager Version7.1.2 Updatep9

Ibm ≫ Qradar Security Information And Event Manager Version7.2

Ibm ≫ Qradar Security Information And Event Manager Version7.2.0 Update-

Ibm ≫ Qradar Security Information And Event Manager Version7.2.0 Updatep1

Ibm ≫ Qradar Security Information And Event Manager Version7.2.0 Updatep2

Ibm ≫ Qradar Security Information And Event Manager Version7.2.0 Updatep3

Ibm ≫ Qradar Security Information And Event Manager Version7.2.1 Update-

Ibm ≫ Qradar Security Information And Event Manager Version7.2.1 Updatep1

Ibm ≫ Qradar Security Information And Event Manager Version7.2.1 Updatep2

Ibm ≫ Qradar Security Information And Event Manager Version7.2.1 Updatep3

Ibm ≫ Qradar Security Information And Event Manager Version7.2.2 Update-

Ibm ≫ Qradar Security Information And Event Manager Version7.2.2 Updatep1

Ibm ≫ Qradar Security Information And Event Manager Version7.2.2 Updatep2

Ibm ≫ Qradar Security Information And Event Manager Version7.2.2 Updatep3

Ibm ≫ Qradar Security Information And Event Manager Version7.2.2 Updatep4

Ibm ≫ Qradar Security Information And Event Manager Version7.2.3 Update-

Ibm ≫ Qradar Security Information And Event Manager Version7.2.3 Updatep1

Ibm ≫ Qradar Security Information And Event Manager Version7.2.3 Updatep2

Ibm ≫ Qradar Security Information And Event Manager Version7.2.3 Updatep3

Ibm ≫ Qradar Security Information And Event Manager Version7.2.3 Updatep4

Ibm ≫ Qradar Security Information And Event Manager Version7.2.4 Update-

Ibm ≫ Qradar Security Information And Event Manager Version7.2.4 Updatep1

Ibm ≫ Qradar Security Information And Event Manager Version7.2.4 Updatep2

Ibm ≫ Qradar Security Information And Event Manager Version7.2.4 Updatep3

Ibm ≫ Qradar Security Information And Event Manager Version7.2.4 Updatep4

Ibm ≫ Qradar Security Information And Event Manager Version7.2.4 Updatep5

Ibm ≫ Qradar Security Information And Event Manager Version7.2.4 Updatep6

Ibm ≫ Qradar Security Information And Event Manager Version7.2.5 Update-

Ibm ≫ Qradar Security Information And Event Manager Version7.2.5 Updatep1

Ibm ≫ Qradar Security Information And Event Manager Version7.2.5 Updatep2

Ibm ≫ Qradar Security Information And Event Manager Version7.2.5 Updatep3

Ibm ≫ Qradar Security Information And Event Manager Version7.2.5 Updatep4

Ibm ≫ Qradar Security Information And Event Manager Version7.2.5 Updatep5

Ibm ≫ Qradar Security Information And Event Manager Version7.2.5 Updatep6

Ibm ≫ Qradar Security Information And Event Manager Version7.2.6 Update-

Ibm ≫ Qradar Security Information And Event Manager Version7.2.6 Updatep1

Ibm ≫ Qradar Security Information And Event Manager Version7.2.6 Updatep2

Ibm ≫ Qradar Security Information And Event Manager Version7.2.6 Updatep3

Ibm ≫ Qradar Security Information And Event Manager Version7.2.6 Updatep4

Ibm ≫ Qradar Security Information And Event Manager Version7.2.6 Updatep5

Ibm ≫ Qradar Security Information And Event Manager Version7.2.6 Updatep6

Ibm ≫ Qradar Security Information And Event Manager Version7.2.6 Updatep7

Ibm ≫ Qradar Security Information And Event Manager Version7.2.7 Update-

Ibm ≫ Qradar Security Information And Event Manager Version7.2.7 Updatep1

Ibm ≫ Qradar Security Information And Event Manager Version7.2.7 Updatep2

Ibm ≫ Qradar Security Information And Event Manager Version7.2.7 Updatep3

Ibm ≫ Qradar Security Information And Event Manager Version7.2.7 Updatep4

Ibm ≫ Qradar Security Information And Event Manager Version7.2.8 Update-

Ibm ≫ Qradar Security Information And Event Manager Version7.2.8 Updatep1

Ibm ≫ Qradar Security Information And Event Manager Version7.2.8 Updatep10

Ibm ≫ Qradar Security Information And Event Manager Version7.2.8 Updatep11

Ibm ≫ Qradar Security Information And Event Manager Version7.2.8 Updatep12

Ibm ≫ Qradar Security Information And Event Manager Version7.2.8 Updatep13

Ibm ≫ Qradar Security Information And Event Manager Version7.2.8 Updatep14

Ibm ≫ Qradar Security Information And Event Manager Version7.2.8 Updatep15

Ibm ≫ Qradar Security Information And Event Manager Version7.2.8 Updatep16

Ibm ≫ Qradar Security Information And Event Manager Version7.2.8 Updatep2

Ibm ≫ Qradar Security Information And Event Manager Version7.2.8 Updatep3

Ibm ≫ Qradar Security Information And Event Manager Version7.2.8 Updatep4

Ibm ≫ Qradar Security Information And Event Manager Version7.2.8 Updatep5

Ibm ≫ Qradar Security Information And Event Manager Version7.2.8 Updatep6

Ibm ≫ Qradar Security Information And Event Manager Version7.2.8 Updatep7

Ibm ≫ Qradar Security Information And Event Manager Version7.2.8 Updatep8

Ibm ≫ Qradar Security Information And Event Manager Version7.2.8 Updatep9

Ibm ≫ Qradar Security Information And Event Manager Version7.2.8.15

Ibm ≫ Qradar Security Information And Event Manager Version7.2.9

Ibm ≫ Qradar Vulnerability Manager Version7.2.0

Ibm ≫ Qradar Vulnerability Manager Version7.2.1

Ibm ≫ Qradar Vulnerability Manager Version7.2.2

Ibm ≫ Qradar Vulnerability Manager Version7.2.3

Ibm ≫ Qradar Vulnerability Manager Version7.2.4

Ibm ≫ Qradar Vulnerability Manager Version7.2.6 Updatep1

Ibm ≫ Qradar Vulnerability Manager Version7.2.6 Updatep2

Ibm ≫ Qradar Vulnerability Manager Version7.2.6 Updatep3

Ibm ≫ Qradar Vulnerability Manager Version7.2.6 Updatep4

Ibm ≫ Qradar Vulnerability Manager Version7.2.6 Updatep5

Ibm ≫ Qradar Vulnerability Manager Version7.2.6 Updatep6

Ibm ≫ Qradar Vulnerability Manager Version7.2.6 Updatep7

Ibm ≫ Qradar Vulnerability Manager Version7.2.8 Update-

Ibm ≫ Qradar Vulnerability Manager Version7.2.8 Updatep1

Ibm ≫ Qradar Vulnerability Manager Version7.2.8 Updatep10

Ibm ≫ Qradar Vulnerability Manager Version7.2.8 Updatep11

Ibm ≫ Qradar Vulnerability Manager Version7.2.8 Updatep12

Ibm ≫ Qradar Vulnerability Manager Version7.2.8 Updatep13

Ibm ≫ Qradar Vulnerability Manager Version7.2.8 Updatep14

Ibm ≫ Qradar Vulnerability Manager Version7.2.8 Updatep15

Ibm ≫ Qradar Vulnerability Manager Version7.2.8 Updatep16

Ibm ≫ Qradar Vulnerability Manager Version7.2.8 Updatep17

Ibm ≫ Qradar Vulnerability Manager Version7.2.8 Updatep2

Ibm ≫ Qradar Vulnerability Manager Version7.2.8 Updatep3

Ibm ≫ Qradar Vulnerability Manager Version7.2.8 Updatep4

Ibm ≫ Qradar Vulnerability Manager Version7.2.8 Updatep5

Ibm ≫ Qradar Vulnerability Manager Version7.2.8 Updatep6

Ibm ≫ Qradar Vulnerability Manager Version7.2.8 Updatep7

Ibm ≫ Qradar Vulnerability Manager Version7.2.8 Updatep8

Ibm ≫ Qradar Vulnerability Manager Version7.2.8 Updatep9

Ibm ≫ Smartcloud Entry Appliance Version2.3.0

Ibm ≫ Smartcloud Entry Appliance Version2.4.0

Ibm ≫ Smartcloud Entry Appliance Version3.1.0

Ibm ≫ Smartcloud Entry Appliance Version3.2.0

Ibm ≫ Smartcloud Provisioning Version2.1.0

Ibm ≫ Software Defined Network For Virtual Environments SwEditionkvm Version < 1.2.1

Ibm ≫ Software Defined Network For Virtual Environments SwEditionopenflow Version < 1.2.1

Ibm ≫ Software Defined Network For Virtual Environments SwEditionvmware Version < 1.2.1

Ibm ≫ Starter Kit For Cloud Version2.2.0

Ibm ≫ Workload Deployer Version >= 3.1.0 <= 3.1.0.7

Ibm ≫ Security Access Manager For Mobile 8.0 Firmware Version8.0.0.1

Ibm ≫ Security Access Manager For Mobile 8.0 Firmware Version8.0.0.2

Ibm ≫ Security Access Manager For Mobile 8.0 Firmware Version8.0.0.3

Ibm ≫ Security Access Manager For Mobile 8.0 Firmware Version8.0.0.5

Ibm ≫ Security Access Manager For Web 7.0 Firmware Version7.0.0.1

Ibm ≫ Security Access Manager For Web 7.0 Firmware Version7.0.0.2

Ibm ≫ Security Access Manager For Web 7.0 Firmware Version7.0.0.3

Ibm ≫ Security Access Manager For Web 7.0 Firmware Version7.0.0.4

Ibm ≫ Security Access Manager For Web 7.0 Firmware Version7.0.0.5

Ibm ≫ Security Access Manager For Web 7.0 Firmware Version7.0.0.6

Ibm ≫ Security Access Manager For Web 7.0 Firmware Version7.0.0.7

Ibm ≫ Security Access Manager For Web 7.0 Firmware Version7.0.0.8

Ibm ≫ Security Access Manager For Web 8.0 Firmware Version8.0.0.2

Ibm ≫ Security Access Manager For Web 8.0 Firmware Version8.0.0.3

Ibm ≫ Security Access Manager For Web 8.0 Firmware Version8.0.0.5

Ibm ≫ Storwize V7000 Firmware Version >= 1.1.0.0 < 1.4.3.5

Ibm ≫ Storwize V7000 Version-

Ibm ≫ Storwize V7000 Firmware Version >= 1.5.0.0 < 1.5.0.4

Ibm ≫ Storwize V7000 Version-

Ibm ≫ Storwize V7000 Firmware Version >= 7.2.0.0 < 7.2.0.9

Ibm ≫ Storwize V7000 Version-

Ibm ≫ Storwize V7000 Firmware Version >= 7.3.0.0 < 7.3.0.7

Ibm ≫ Storwize V7000 Version-

Ibm ≫ Storwize V5000 Firmware Version >= 1.1.0.0 < 7.1.0.11

Ibm ≫ Storwize V5000 Version-

Ibm ≫ Storwize V5000 Firmware Version >= 7.2.0.0 < 7.2.0.9

Ibm ≫ Storwize V5000 Version-

Ibm ≫ Storwize V5000 Firmware Version >= 7.3.0.0 < 7.3.0.7

Ibm ≫ Storwize V5000 Version-

Ibm ≫ Storwize V3700 Firmware Version >= 1.1.0.0 < 7.1.0.11

Ibm ≫ Storwize V3700 Version-

Ibm ≫ Storwize V3700 Firmware Version >= 7.2.0.0 < 7.2.0.9

Ibm ≫ Storwize V3700 Version-

Ibm ≫ Storwize V3700 Firmware Version >= 7.3.0.0 < 7.3.0.7

Ibm ≫ Storwize V3700 Version-

Ibm ≫ Storwize V3500 Firmware Version >= 1.1.0.0 < 7.1.0.11

Ibm ≫ Storwize V3500 Version-

Ibm ≫ Storwize V3500 Firmware Version >= 7.2.0.0 < 7.2.0.9

Ibm ≫ Storwize V3500 Version-

Ibm ≫ Storwize V3500 Firmware Version >= 7.3.0.0 < 7.3.0.7

Ibm ≫ Storwize V3500 Version-

Ibm ≫ Flex System V7000 Firmware Version >= 1.1.0.0 < 7.1.0.11

Ibm ≫ Flex System V7000 Version-

Ibm ≫ Flex System V7000 Firmware Version >= 7.2.0.0 < 7.2.0.9

Ibm ≫ Flex System V7000 Version-

Ibm ≫ Flex System V7000 Firmware Version >= 7.3.0.0 < 7.3.0.7

Ibm ≫ Flex System V7000 Version-

Ibm ≫ San Volume Controller Firmware Version >= 1.1.0.0 < 7.1.0.11

Ibm ≫ San Volume Controller Version-

Ibm ≫ San Volume Controller Firmware Version >= 7.2.0.0 < 7.2.0.9

Ibm ≫ San Volume Controller Version-

Ibm ≫ San Volume Controller Firmware Version >= 7.3.0.0 < 7.3.0.7

Ibm ≫ San Volume Controller Version-

Ibm ≫ Stn6500 Firmware Version >= 3.8.0.0 < 3.8.0.07

Ibm ≫ Stn6500 Version-

Ibm ≫ Stn6500 Firmware Version >= 3.9.1.0 < 3.9.1.08

Ibm ≫ Stn6500 Version-

Ibm ≫ Stn6500 Firmware Version >= 4.1.2.0 < 4.1.2.06

Ibm ≫ Stn6500 Version-

Ibm ≫ Stn6800 Firmware Version >= 3.8.0.0 < 3.8.0.07

Ibm ≫ Stn6800 Version-

Ibm ≫ Stn6800 Firmware Version >= 3.9.1.0 < 3.9.1.08

Ibm ≫ Stn6800 Version-

Ibm ≫ Stn6800 Firmware Version >= 4.1.2.0 < 4.1.2.06

Ibm ≫ Stn6800 Version-

Ibm ≫ Stn7800 Firmware Version >= 3.8.0.0 < 3.8.0.07

Ibm ≫ Stn7800 Version-

Ibm ≫ Stn7800 Firmware Version >= 3.9.1.0 < 3.9.1.08

Ibm ≫ Stn7800 Version-

Ibm ≫ Stn7800 Firmware Version >= 4.1.2.0 < 4.1.2.06

Ibm ≫ Stn7800 Version-

Canonical ≫ Ubuntu Linux Version10.04 SwEdition-

Canonical ≫ Ubuntu Linux Version12.04 SwEdition-

Canonical ≫ Ubuntu Linux Version14.04 SwEditionesm

Novell ≫ Zenworks Configuration Management Version10.3

Novell ≫ Zenworks Configuration Management Version11

Novell ≫ Zenworks Configuration Management Version11.1

Novell ≫ Zenworks Configuration Management Version11.2

Novell ≫ Zenworks Configuration Management Version11.3.0

Novell ≫ Open Enterprise Server Version2.0 Updatesp3 SwPlatformlinux_kernel

Novell ≫ Open Enterprise Server Version11.0 Updatesp2 SwPlatformlinux_kernel

Checkpoint ≫ Security Gateway Version < r77.30

F5 ≫ Big-ip Access Policy Manager Version >= 10.1.0 <= 10.2.4

F5 ≫ Big-ip Access Policy Manager Version >= 11.0.0 <= 11.5.1

F5 ≫ Big-ip Access Policy Manager Version11.6.0

F5 ≫ Big-ip Advanced Firewall Manager Version >= 11.3.0 <= 11.5.1

F5 ≫ Big-ip Advanced Firewall Manager Version11.6.0

F5 ≫ Big-ip Analytics Version >= 11.0.0 <= 11.5.1

F5 ≫ Big-ip Analytics Version11.6.0

F5 ≫ Big-ip Application Acceleration Manager Version >= 11.4.0 <= 11.5.1

F5 ≫ Big-ip Application Acceleration Manager Version11.6.0

F5 ≫ Big-ip Application Security Manager Version >= 10.0.0 <= 10.2.4

F5 ≫ Big-ip Application Security Manager Version >= 11.0.0 <= 11.5.1

F5 ≫ Big-ip Application Security Manager Version11.6.0

F5 ≫ Big-ip Edge Gateway Version >= 10.1.0 <= 10.2.4

F5 ≫ Big-ip Edge Gateway Version >= 11.0.0 <= 11.3.0

F5 ≫ Big-ip Global Traffic Manager Version >= 10.0.0 <= 10.2.4

F5 ≫ Big-ip Global Traffic Manager Version >= 11.0.0 <= 11.5.1

F5 ≫ Big-ip Global Traffic Manager Version11.6.0

F5 ≫ Big-ip Link Controller Version >= 10.0.0 <= 10.2.4

F5 ≫ Big-ip Link Controller Version >= 11.0.0 <= 11.5.1

F5 ≫ Big-ip Link Controller Version11.6.0

F5 ≫ Big-ip Local Traffic Manager Version >= 10.0.0 <= 10.2.4

F5 ≫ Big-ip Local Traffic Manager Version >= 11.0.0 <= 11.5.1

F5 ≫ Big-ip Local Traffic Manager Version11.6.0

F5 ≫ Big-ip Policy Enforcement Manager Version >= 11.3.0 <= 11.5.1

F5 ≫ Big-ip Policy Enforcement Manager Version11.6.0

F5 ≫ Big-ip Protocol Security Module Version >= 10.0.0 <= 10.2.4

F5 ≫ Big-ip Protocol Security Module Version >= 11.0.0 <= 11.4.1

F5 ≫ Big-ip Wan Optimization Manager Version >= 10.0.0 <= 10.2.4

F5 ≫ Big-ip Wan Optimization Manager Version >= 11.0.0 <= 11.3.0

F5 ≫ Big-ip Webaccelerator Version >= 10.0.0 <= 10.2.4

F5 ≫ Big-ip Webaccelerator Version >= 11.0.0 <= 11.3.0

F5 ≫ Big-iq Cloud Version >= 4.0.0 <= 4.4.0

F5 ≫ Big-iq Device Version >= 4.2.0 <= 4.4.0

F5 ≫ Big-iq Security Version >= 4.0.0 <= 4.4.0

F5 ≫ Enterprise Manager Version >= 2.1.0 <= 2.3.0

F5 ≫ Enterprise Manager Version >= 3.0.0 <= 3.1.1

F5 ≫ Traffix Signaling Delivery Controller Version >= 4.0.0 <= 4.0.5

F5 ≫ Traffix Signaling Delivery Controller Version3.3.2

F5 ≫ Traffix Signaling Delivery Controller Version3.4.1

F5 ≫ Traffix Signaling Delivery Controller Version3.5.1

F5 ≫ Traffix Signaling Delivery Controller Version4.1.0

F5 ≫ Arx Firmware Version >= 6.0.0 <= 6.4.0

F5 ≫ Arx Version-

Citrix ≫ Netscaler Sdx Firmware Version < 9.3.67.5r1

Citrix ≫ Netscaler Sdx Version-

Citrix ≫ Netscaler Sdx Firmware Version >= 10 < 10.1.129.11r1

Citrix ≫ Netscaler Sdx Version-

Citrix ≫ Netscaler Sdx Firmware Version >= 10.5 < 10.5.52.11r1

Citrix ≫ Netscaler Sdx Version-

Apple ≫ macOS X Version >= 10.0.0 < 10.10.0

VMware ≫ Vcenter Server Appliance Version5.0

VMware ≫ Vcenter Server Appliance Version5.0 Updateupdate_1

VMware ≫ Vcenter Server Appliance Version5.0 Updateupdate_2

VMware ≫ Vcenter Server Appliance Version5.1

VMware ≫ Vcenter Server Appliance Version5.1 Updateupdate_1

VMware ≫ Vcenter Server Appliance Version5.1 Updateupdate_2

VMware ≫ Vcenter Server Appliance Version5.5 Update-

VMware ≫ Vcenter Server Appliance Version5.5 Updateupdate_1

VMware ≫ Esx Version4.0

VMware ≫ Esx Version4.1

28.01.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability

Vulnerability

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code.

Description

Apply updates per vendor instructions.

Required actions

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	94.22%	0.999

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673

Third Party Advisory

http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html

Third Party Advisory

Broken Link

https://support.apple.com/kb/HT6535

Third Party Advisory

http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0

Third Party Advisory

Broken Link

http://marc.info/?l=bugtraq&m=141383465822787&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=142546741516006&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=142805027510172&w=2

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html

Third Party Advisory

Mailing List

http://www-01.ibm.com/support/docview.wss?uid=swg21685604

Third Party Advisory

http://advisories.mageia.org/MGASA-2014-0388.html

Third Party Advisory

http://jvn.jp/en/jp/JVN55667175/index.html

Vendor Advisory

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126

Third Party Advisory

Vendor Advisory

VDB Entry

http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html

Third Party Advisory

Exploit

Issue Tracking

http://linux.oracle.com/errata/ELSA-2014-1293.html

Third Party Advisory

http://linux.oracle.com/errata/ELSA-2014-1294.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141216207813411&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141216668515282&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141235957116749&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141319209015420&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141330425327438&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141330468527613&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141345648114150&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141383026420882&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141383081521087&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141383138121313&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141383196021590&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141383244821813&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141383304022067&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141383353622268&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141450491804793&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141576728022234&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141577137423233&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141577241923505&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141577297623641&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141585637922673&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141694386919794&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=141879528318582&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=142113462216480&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=142118135300698&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=142358026505815&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=142358078406056&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=142719845423222&w=2

Third Party Advisory

Mailing List

http://marc.info/?l=bugtraq&m=142721162228379&w=2

Third Party Advisory

Mailing List

http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html

Third Party Advisory

Exploit

VDB Entry

http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html

Third Party Advisory

Exploit

VDB Entry

http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html

Third Party Advisory

Exploit

VDB Entry

http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html

Third Party Advisory

Exploit

VDB Entry

http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html

Third Party Advisory

VDB Entry

http://rhn.redhat.com/errata/RHSA-2014-1293.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2014-1294.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2014-1295.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2014-1354.html

Third Party Advisory

http://seclists.org/fulldisclosure/2014/Oct/0

Third Party Advisory

Mailing List

http://secunia.com/advisories/58200

Third Party Advisory

Broken Link

http://secunia.com/advisories/59272

Third Party Advisory

Broken Link

http://secunia.com/advisories/59737

Third Party Advisory

Broken Link

http://secunia.com/advisories/59907

Third Party Advisory

Broken Link

http://secunia.com/advisories/60024

Third Party Advisory

Broken Link

http://secunia.com/advisories/60034

Third Party Advisory

Broken Link

http://secunia.com/advisories/60044

Third Party Advisory

Broken Link

http://secunia.com/advisories/60055

Third Party Advisory

Broken Link

http://secunia.com/advisories/60063

Third Party Advisory

Broken Link

http://secunia.com/advisories/60193

Third Party Advisory

Broken Link

http://secunia.com/advisories/60325

Third Party Advisory

Broken Link

http://secunia.com/advisories/60433

Third Party Advisory

Broken Link

http://secunia.com/advisories/60947

Third Party Advisory

Broken Link

http://secunia.com/advisories/61065

Third Party Advisory

Broken Link

http://secunia.com/advisories/61128

Third Party Advisory

Broken Link

http://secunia.com/advisories/61129

Third Party Advisory

Broken Link

http://secunia.com/advisories/61188

Third Party Advisory

Broken Link

http://secunia.com/advisories/61283

Third Party Advisory

Broken Link

http://secunia.com/advisories/61287

Third Party Advisory

Broken Link

http://secunia.com/advisories/61291

Third Party Advisory

Broken Link

http://secunia.com/advisories/61312

Third Party Advisory

Broken Link

http://secunia.com/advisories/61313

Third Party Advisory

Broken Link

http://secunia.com/advisories/61328

Third Party Advisory

Broken Link

http://secunia.com/advisories/61442

Third Party Advisory

Broken Link

http://secunia.com/advisories/61471

Third Party Advisory

Broken Link

http://secunia.com/advisories/61485

Third Party Advisory

Broken Link

http://secunia.com/advisories/61503

Third Party Advisory

Broken Link

http://secunia.com/advisories/61542

Third Party Advisory

Broken Link

http://secunia.com/advisories/61547

Third Party Advisory

Broken Link

http://secunia.com/advisories/61550

Third Party Advisory

Broken Link

http://secunia.com/advisories/61552

Third Party Advisory

Broken Link

http://secunia.com/advisories/61565

Third Party Advisory

Broken Link

http://secunia.com/advisories/61603

Third Party Advisory

Broken Link

http://secunia.com/advisories/61633

Third Party Advisory

Broken Link

http://secunia.com/advisories/61641

Third Party Advisory

Broken Link

http://secunia.com/advisories/61643

Third Party Advisory

Broken Link

http://secunia.com/advisories/61654

Third Party Advisory

Broken Link

http://secunia.com/advisories/61676

Third Party Advisory

Broken Link

http://secunia.com/advisories/61700

Third Party Advisory

Broken Link

http://secunia.com/advisories/61703

Third Party Advisory

Broken Link

http://secunia.com/advisories/61711

Third Party Advisory

Broken Link

http://secunia.com/advisories/61715

Third Party Advisory

Broken Link

http://secunia.com/advisories/61780

Third Party Advisory

Broken Link

http://secunia.com/advisories/61816

Third Party Advisory

Broken Link

http://secunia.com/advisories/61855

Third Party Advisory

Broken Link

http://secunia.com/advisories/61857

Third Party Advisory

Broken Link

http://secunia.com/advisories/61873

Third Party Advisory

Broken Link

http://secunia.com/advisories/62228

Third Party Advisory

Broken Link

http://secunia.com/advisories/62312

Third Party Advisory

Broken Link

http://secunia.com/advisories/62343

Third Party Advisory

Broken Link

http://support.apple.com/kb/HT6495

Third Party Advisory

http://support.novell.com/security/cve/CVE-2014-6271.html

Third Party Advisory

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21685541

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21685733

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21685749

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21685914

Third Party Advisory

Broken Link

http://www-01.ibm.com/support/docview.wss?uid=swg21686084

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21686131

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21686246

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21686445

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21686447

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21686479

Third Party Advisory

Broken Link

http://www-01.ibm.com/support/docview.wss?uid=swg21686494

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21687079

Third Party Advisory

http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315

Third Party Advisory

Broken Link

http://www.debian.org/security/2014/dsa-3032

Third Party Advisory

Mailing List

http://www.kb.cert.org/vuls/id/252743

Third Party Advisory

US Government Resource

http://www.mandriva.com/security/advisories?name=MDVSA-2015:164

Third Party Advisory

Broken Link

http://www.novell.com/support/kb/doc.php?id=7015701

Third Party Advisory

http://www.novell.com/support/kb/doc.php?id=7015721

Third Party Advisory

http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html

Third Party Advisory

http://www.qnap.com/i/en/support/con_show.php?cid=61

Third Party Advisory

http://www.securityfocus.com/archive/1/533593/100/0/threaded

Third Party Advisory

Broken Link

VDB Entry

http://www.securityfocus.com/bid/70103

Third Party Advisory

Broken Link

VDB Entry

http://www.ubuntu.com/usn/USN-2362-1

Third Party Advisory

http://www.us-cert.gov/ncas/alerts/TA14-268A

Third Party Advisory

US Government Resource

http://www.vmware.com/security/advisories/VMSA-2014-0010.html

Third Party Advisory

https://access.redhat.com/articles/1200223

Third Party Advisory

Exploit

https://access.redhat.com/node/1200223

Third Party Advisory

Exploit

https://bugzilla.redhat.com/show_bug.cgi?id=1141597

Patch

Issue Tracking

https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes

Third Party Advisory

Broken Link

https://kb.bluecoat.com/index?page=content&id=SA82

Third Party Advisory

Broken Link

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648

Third Party Advisory

https://kc.mcafee.com/corporate/index?page=content&id=SB10085

Third Party Advisory

Broken Link

https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

Third Party Advisory

Exploit

https://support.citrix.com/article/CTX200217

Third Party Advisory

https://support.citrix.com/article/CTX200223

Permissions Required

https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html

Third Party Advisory

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075

Third Party Advisory

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183

Third Party Advisory

Broken Link

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts

Third Party Advisory

https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006

Third Party Advisory

https://www.exploit-db.com/exploits/34879/

Third Party Advisory

Exploit

VDB Entry

https://www.exploit-db.com/exploits/37816/

Third Party Advisory

Exploit

VDB Entry

https://www.exploit-db.com/exploits/38849/

Third Party Advisory

Exploit

VDB Entry

https://www.exploit-db.com/exploits/39918/

Third Party Advisory

Exploit

VDB Entry

https://www.exploit-db.com/exploits/40619/

Third Party Advisory

Exploit

VDB Entry

https://www.exploit-db.com/exploits/40938/

Third Party Advisory

Exploit

VDB Entry

https://www.exploit-db.com/exploits/42938/

Third Party Advisory

Exploit

VDB Entry

https://www.suse.com/support/shellshock/

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2014-6271

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-6271

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-6271

EUVD