CVE-2014-6271 - Vulnerability Details

- bash: specially-crafted environment variables can be used to inject shell commands

Description

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

Published: 2014-09-24

Score: 9.8 Critical

EPSS: 94.2% High

KEV: Yes

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

cpe:2.3:a:gnu:bash:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::

Configuration 3 [-]

OR	cpe:2.3:o:oracle:linux:4:::::::*
	cpe:2.3:o:oracle:linux:5:-::::::
	cpe:2.3:o:oracle:linux:6:-::::::

Configuration 4 [-]

OR	cpe:2.3:o:qnap:qts::::::::
	cpe:2.3:o:qnap:qts:4.1.1:-::::::
	cpe:2.3:o:qnap:qts:4.1.1:build_0927::::::

Configuration 5 [-]

OR	cpe:2.3:o:mageia:mageia:3.0:::::::*
	cpe:2.3:o:mageia:mageia:4.0:::::::*

Configuration 6 [-]

OR	cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.1:::::::*
	cpe:2.3:a:redhat:virtualization:3.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux:4.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:5.9:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:6.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:6.5:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.9_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.4_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.5_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.3_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.4_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.5_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.6_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.7_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0_ppc:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.9_ppc:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.4_ppc64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.5_ppc64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

Configuration 7 [-]

OR	cpe:2.3:a:suse:studio_onsite:1.3:::::::*
	cpe:2.3:o:opensuse:opensuse:12.3:::::::*
	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_desktop:12:-::::::
	cpe:2.3:o:suse:linux_enterprise_server:10:sp3:::ltss:::*
	cpe:2.3:o:suse:linux_enterprise_server:10:sp4:::ltss:::*
	cpe:2.3:o:suse:linux_enterprise_server:11:sp1:::ltss:-::
	cpe:2.3:o:suse:linux_enterprise_server:11:sp2:::ltss:::*
	cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::-::*
	cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::vmware::*
	cpe:2.3:o:suse:linux_enterprise_server:12:-::::::
	cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-::::::

Configuration 8 [-]

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 9 [-]

OR	cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:8.2:::::::*
	cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.0:::::::*
	cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.1:::::::*
	cpe:2.3:a:ibm:pureapplication_system::::::::
	cpe:2.3:a:ibm:pureapplication_system::::::::
	cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:::::::*
	cpe:2.3:a:ibm:qradar_risk_manager:7.1.0:::::::*
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:::::::*
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr1::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr2::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:-::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p1::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p2::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p3::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:-::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p1::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p10::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p11::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p12::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p13::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p2::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p3::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p4::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p5::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p6::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p7::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p8::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p9::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2:::::::*
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:-::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p1::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p2::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p3::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:-::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p1::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p2::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p3::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:-::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p1::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p2::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p3::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p4::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:-::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p1::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p2::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p3::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p4::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:-::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p1::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p2::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p3::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p4::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p5::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p6::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:-::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p1::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p2::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p3::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p4::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p5::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p6::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:-::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p1::::::
	cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p2::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p3::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p4::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p5::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p6::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p7::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:-::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p1::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p2::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p3::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p4::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:-::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p1::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p10::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p11::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p12::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p13::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p14::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p15::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p16::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p2::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p3::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p4::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p5::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p6::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p7::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p8::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p9::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8.15:::::::*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.9:::::::*
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.0:::::::*
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.1:::::::*
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.2:::::::*
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.3:::::::*
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.4:::::::*
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p1::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p2::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p3::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p4::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p5::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p6::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p7::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:-::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p1::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p10::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p11::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p12::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p13::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p14::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p15::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p16::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p17::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p2::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p3::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p4::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p5::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p6::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p7::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p8::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p9::::::
cpe:2.3:a:ibm:smartcloud_entry_appliance:2.3.0:::::::*
cpe:2.3:a:ibm:smartcloud_entry_appliance:2.4.0:::::::*
cpe:2.3:a:ibm:smartcloud_entry_appliance:3.1.0:::::::*
cpe:2.3:a:ibm:smartcloud_entry_appliance:3.2.0:::::::*
cpe:2.3:a:ibm:smartcloud_provisioning:2.1.0:::::::*
cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:::::kvm:::*
cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:::::openflow:::*
cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:::::vmware:::*
cpe:2.3:a:ibm:starter_kit_for_cloud:2.2.0:::::::*
cpe:2.3:a:ibm:workload_deployer::::::::
cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:::::::*
cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:::::::*
cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:::::::*
cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:::::::*

Configuration 10 [-]

AND

OR	cpe:2.3:o:ibm:storwize_v7000_firmware::::::::
	cpe:2.3:o:ibm:storwize_v7000_firmware::::::::
	cpe:2.3:o:ibm:storwize_v7000_firmware::::::::
	cpe:2.3:o:ibm:storwize_v7000_firmware::::::::

cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

OR	cpe:2.3:o:ibm:storwize_v5000_firmware::::::::
	cpe:2.3:o:ibm:storwize_v5000_firmware::::::::
	cpe:2.3:o:ibm:storwize_v5000_firmware::::::::

cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

OR	cpe:2.3:o:ibm:storwize_v3700_firmware::::::::
	cpe:2.3:o:ibm:storwize_v3700_firmware::::::::
	cpe:2.3:o:ibm:storwize_v3700_firmware::::::::

cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

OR	cpe:2.3:o:ibm:storwize_v3500_firmware::::::::
	cpe:2.3:o:ibm:storwize_v3500_firmware::::::::
	cpe:2.3:o:ibm:storwize_v3500_firmware::::::::

cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

OR	cpe:2.3:o:ibm:flex_system_v7000_firmware::::::::
	cpe:2.3:o:ibm:flex_system_v7000_firmware::::::::
	cpe:2.3:o:ibm:flex_system_v7000_firmware::::::::

cpe:2.3:h:ibm:flex_system_v7000:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

OR	cpe:2.3:o:ibm:san_volume_controller_firmware::::::::
	cpe:2.3:o:ibm:san_volume_controller_firmware::::::::
	cpe:2.3:o:ibm:san_volume_controller_firmware::::::::

cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

OR	cpe:2.3:o:ibm:stn6500_firmware::::::::
	cpe:2.3:o:ibm:stn6500_firmware::::::::
	cpe:2.3:o:ibm:stn6500_firmware::::::::

cpe:2.3:h:ibm:stn6500:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

OR	cpe:2.3:o:ibm:stn6800_firmware::::::::
	cpe:2.3:o:ibm:stn6800_firmware::::::::
	cpe:2.3:o:ibm:stn6800_firmware::::::::

cpe:2.3:h:ibm:stn6800:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

OR	cpe:2.3:o:ibm:stn7800_firmware::::::::
	cpe:2.3:o:ibm:stn7800_firmware::::::::
	cpe:2.3:o:ibm:stn7800_firmware::::::::

cpe:2.3:h:ibm:stn7800:-:*:*:*:*:*:*:*

Configuration 19 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

Configuration 20 [-]

OR	cpe:2.3:a:novell:zenworks_configuration_management:10.3:::::::*
	cpe:2.3:a:novell:zenworks_configuration_management:11:::::::*
	cpe:2.3:a:novell:zenworks_configuration_management:11.1:::::::*
	cpe:2.3:a:novell:zenworks_configuration_management:11.2:::::::*
	cpe:2.3:a:novell:zenworks_configuration_management:11.3.0:::::::*
	cpe:2.3:o:novell:open_enterprise_server:2.0:sp3::::linux_kernel::*
	cpe:2.3:o:novell:open_enterprise_server:11.0:sp2::::linux_kernel::*

Configuration 21 [-]

cpe:2.3:a:checkpoint:security_gateway:*:*:*:*:*:*:*:*

Configuration 22 [-]

OR	cpe:2.3:a:f5:big-ip_access_policy_manager::::::::
	cpe:2.3:a:f5:big-ip_access_policy_manager::::::::
	cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:::::::*
	cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::
	cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:::::::*
	cpe:2.3:a:f5:big-ip_analytics::::::::
	cpe:2.3:a:f5:big-ip_analytics:11.6.0:::::::*
	cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::
	cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:::::::*
	cpe:2.3:a:f5:big-ip_application_security_manager::::::::
	cpe:2.3:a:f5:big-ip_application_security_manager::::::::
	cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:::::::*
	cpe:2.3:a:f5:big-ip_edge_gateway::::::::
	cpe:2.3:a:f5:big-ip_edge_gateway::::::::
	cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:::::::*
	cpe:2.3:a:f5:big-ip_link_controller::::::::
	cpe:2.3:a:f5:big-ip_link_controller::::::::
	cpe:2.3:a:f5:big-ip_link_controller:11.6.0:::::::*
	cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:::::::*
	cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::
	cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:::::::*
	cpe:2.3:a:f5:big-ip_protocol_security_module::::::::
	cpe:2.3:a:f5:big-ip_protocol_security_module::::::::
	cpe:2.3:a:f5:big-ip_wan_optimization_manager::::::::
	cpe:2.3:a:f5:big-ip_wan_optimization_manager::::::::
	cpe:2.3:a:f5:big-ip_webaccelerator::::::::
	cpe:2.3:a:f5:big-ip_webaccelerator::::::::
	cpe:2.3:a:f5:big-iq_cloud::::::::
	cpe:2.3:a:f5:big-iq_device::::::::
	cpe:2.3:a:f5:big-iq_security::::::::
	cpe:2.3:a:f5:enterprise_manager::::::::
	cpe:2.3:a:f5:enterprise_manager::::::::
	cpe:2.3:a:f5:traffix_signaling_delivery_controller::::::::
	cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.3.2:::::::*
	cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.4.1:::::::*
	cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.5.1:::::::*
	cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.1.0:::::::*

Configuration 23 [-]

AND

cpe:2.3:o:f5:arx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:f5:arx:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

OR	cpe:2.3:o:citrix:netscaler_sdx_firmware::::::::
	cpe:2.3:o:citrix:netscaler_sdx_firmware::::::::
	cpe:2.3:o:citrix:netscaler_sdx_firmware::::::::

cpe:2.3:h:citrix:netscaler_sdx:-:*:*:*:*:*:*:*

Configuration 25 [-]

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Configuration 26 [-]

OR	cpe:2.3:a:vmware:vcenter_server_appliance:5.0:::::::*
	cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1::::::
	cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_2::::::
	cpe:2.3:a:vmware:vcenter_server_appliance:5.1:::::::*
	cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_1::::::
	cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_2::::::
	cpe:2.3:a:vmware:vcenter_server_appliance:5.5:-::::::
	cpe:2.3:a:vmware:vcenter_server_appliance:5.5:update_1::::::
	cpe:2.3:o:vmware:esx:4.0:::::::*
	cpe:2.3:o:vmware:esx:4.1:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 4 Extended Lifecycle Support
bash-0:3.0-27.el4.2	cpe:/o:redhat:rhel_els:4	RHSA-2014:1294	2014-09-24T00:00:00Z
Red Hat Enterprise Linux 5
bash-0:3.2-33.el5.1	cpe:/o:redhat:enterprise_linux:5	RHSA-2014:1293	2014-09-24T00:00:00Z
Red Hat Enterprise Linux 5.6 Long Life
bash-0:3.2-24.el5_6.1	cpe:/o:redhat:rhel_mission_critical:5.6	RHSA-2014:1294	2014-09-24T00:00:00Z
Red Hat Enterprise Linux 5.9 Extended Update Support
bash-0:3.2-32.el5_9.2	cpe:/o:redhat:rhel_eus:5.9	RHSA-2014:1294	2014-09-24T00:00:00Z
Red Hat Enterprise Linux 6
bash-0:4.1.2-15.el6_5.1	cpe:/o:redhat:enterprise_linux:6	RHSA-2014:1293	2014-09-24T00:00:00Z
Red Hat Enterprise Linux 6.2 Advanced Update Support
bash-0:4.1.2-9.el6_2.1	cpe:/o:redhat:rhel_mission_critical:6.2	RHSA-2014:1294	2014-09-24T00:00:00Z
Red Hat Enterprise Linux 6.4 Extended Update Support
bash-0:4.1.2-15.el6_4.1	cpe:/o:redhat:rhel_eus:6.4	RHSA-2014:1294	2014-09-24T00:00:00Z
Red Hat Enterprise Linux 7
bash-0:4.2.45-5.el7_0.2	cpe:/o:redhat:enterprise_linux:7	RHSA-2014:1293	2014-09-24T00:00:00Z
RHEV Manager version 3.4
rhev-hypervisor6-0:6.5-20140930.1.el6ev	cpe:/a:redhat:rhev_manager:3	RHSA-2014:1354	2014-10-02T00:00:00Z
S-JIS for Red Hat Enteprise Linux 5
bash-0:3.2-33.el5_11.1.sjis.1	cpe:/a:redhat:rhel_sjis:5	RHSA-2014:1295	2014-09-24T00:00:00Z
S-JIS for Red Hat Enteprise Linux 6
bash-0:4.1.2-15.el6_5.1.sjis.1	cpe:/a:redhat:rhel_sjis:6	RHSA-2014:1295	2014-09-24T00:00:00Z

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Debian DLA	DLA-63-1	bash security update
Debian DSA	DSA-3032-1	bash security update
Debian DSA	DSA-3035-1	bash security update
Ubuntu USN	USN-2362-1	Bash vulnerability

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is in the KEV database since Jan. 28, 2022.

The EPSS score is 0.9422.

Exploitation active

Automatable yes

Technical Impact total

References

Link	Providers
http://advisories.mageia.org/MGASA-2014-0388.html
http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html
http://jvn.jp/en/jp/JVN55667175/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html
http://linux.oracle.com/errata/ELSA-2014-1293.html
http://linux.oracle.com/errata/ELSA-2014-1294.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html
http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html
http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html
http://marc.info/?l=bugtraq&m=141216207813411&w=2
http://marc.info/?l=bugtraq&m=141216668515282&w=2
http://marc.info/?l=bugtraq&m=141235957116749&w=2
http://marc.info/?l=bugtraq&m=141319209015420&w=2
http://marc.info/?l=bugtraq&m=141330425327438&w=2
http://marc.info/?l=bugtraq&m=141330468527613&w=2
http://marc.info/?l=bugtraq&m=141345648114150&w=2
http://marc.info/?l=bugtraq&m=141383026420882&w=2
http://marc.info/?l=bugtraq&m=141383081521087&w=2
http://marc.info/?l=bugtraq&m=141383138121313&w=2
http://marc.info/?l=bugtraq&m=141383196021590&w=2
http://marc.info/?l=bugtraq&m=141383244821813&w=2
http://marc.info/?l=bugtraq&m=141383304022067&w=2
http://marc.info/?l=bugtraq&m=141383353622268&w=2
http://marc.info/?l=bugtraq&m=141383465822787&w=2
http://marc.info/?l=bugtraq&m=141450491804793&w=2
http://marc.info/?l=bugtraq&m=141576728022234&w=2
http://marc.info/?l=bugtraq&m=141577137423233&w=2
http://marc.info/?l=bugtraq&m=141577241923505&w=2
http://marc.info/?l=bugtraq&m=141577297623641&w=2
http://marc.info/?l=bugtraq&m=141585637922673&w=2
http://marc.info/?l=bugtraq&m=141694386919794&w=2
http://marc.info/?l=bugtraq&m=141879528318582&w=2
http://marc.info/?l=bugtraq&m=142113462216480&w=2
http://marc.info/?l=bugtraq&m=142118135300698&w=2
http://marc.info/?l=bugtraq&m=142358026505815&w=2
http://marc.info/?l=bugtraq&m=142358078406056&w=2
http://marc.info/?l=bugtraq&m=142546741516006&w=2
http://marc.info/?l=bugtraq&m=142719845423222&w=2
http://marc.info/?l=bugtraq&m=142721162228379&w=2
http://marc.info/?l=bugtraq&m=142805027510172&w=2
http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html
http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html
http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html
http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html
http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html
http://rhn.redhat.com/errata/RHSA-2014-1293.html
http://rhn.redhat.com/errata/RHSA-2014-1294.html
http://rhn.redhat.com/errata/RHSA-2014-1295.html
http://rhn.redhat.com/errata/RHSA-2014-1354.html
http://seclists.org/fulldisclosure/2014/Oct/0
http://secunia.com/advisories/58200
http://secunia.com/advisories/59272
http://secunia.com/advisories/59737
http://secunia.com/advisories/59907
http://secunia.com/advisories/60024
http://secunia.com/advisories/60034
http://secunia.com/advisories/60044
http://secunia.com/advisories/60055
http://secunia.com/advisories/60063
http://secunia.com/advisories/60193
http://secunia.com/advisories/60325
http://secunia.com/advisories/60433
http://secunia.com/advisories/60947
http://secunia.com/advisories/61065
http://secunia.com/advisories/61128
http://secunia.com/advisories/61129
http://secunia.com/advisories/61188
http://secunia.com/advisories/61283
http://secunia.com/advisories/61287
http://secunia.com/advisories/61291
http://secunia.com/advisories/61312
http://secunia.com/advisories/61313
http://secunia.com/advisories/61328
http://secunia.com/advisories/61442
http://secunia.com/advisories/61471
http://secunia.com/advisories/61485
http://secunia.com/advisories/61503
http://secunia.com/advisories/61542
http://secunia.com/advisories/61547
http://secunia.com/advisories/61550
http://secunia.com/advisories/61552
http://secunia.com/advisories/61565
http://secunia.com/advisories/61603
http://secunia.com/advisories/61633
http://secunia.com/advisories/61641
http://secunia.com/advisories/61643
http://secunia.com/advisories/61654
http://secunia.com/advisories/61676
http://secunia.com/advisories/61700
http://secunia.com/advisories/61703
http://secunia.com/advisories/61711
http://secunia.com/advisories/61715
http://secunia.com/advisories/61780
http://secunia.com/advisories/61816
http://secunia.com/advisories/61855
http://secunia.com/advisories/61857
http://secunia.com/advisories/61873
http://secunia.com/advisories/62228
http://secunia.com/advisories/62312
http://secunia.com/advisories/62343
http://support.apple.com/kb/HT6495
http://support.novell.com/security/cve/CVE-2014-6271.html
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915
http://www-01.ibm.com/support/docview.wss?uid=swg21685541
http://www-01.ibm.com/support/docview.wss?uid=swg21685604
http://www-01.ibm.com/support/docview.wss?uid=swg21685733
http://www-01.ibm.com/support/docview.wss?uid=swg21685749
http://www-01.ibm.com/support/docview.wss?uid=swg21685914
http://www-01.ibm.com/support/docview.wss?uid=swg21686084
http://www-01.ibm.com/support/docview.wss?uid=swg21686131
http://www-01.ibm.com/support/docview.wss?uid=swg21686246
http://www-01.ibm.com/support/docview.wss?uid=swg21686445
http://www-01.ibm.com/support/docview.wss?uid=swg21686447
http://www-01.ibm.com/support/docview.wss?uid=swg21686479
http://www-01.ibm.com/support/docview.wss?uid=swg21686494
http://www-01.ibm.com/support/docview.wss?uid=swg21687079
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315
http://www.debian.org/security/2014/dsa-3032
http://www.kb.cert.org/vuls/id/252743
http://www.mandriva.com/security/advisories?name=MDVSA-2015:164
http://www.novell.com/support/kb/doc.php?id=7015701
http://www.novell.com/support/kb/doc.php?id=7015721
http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html
http://www.qnap.com/i/en/support/con_show.php?cid=61
http://www.securityfocus.com/archive/1/533593/100/0/threaded
http://www.securityfocus.com/bid/70103
http://www.ubuntu.com/usn/USN-2362-1
http://www.us-cert.gov/ncas/alerts/TA14-268A
http://www.vmware.com/security/advisories/VMSA-2014-0010.html
http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0
https://access.redhat.com/articles/1200223
https://access.redhat.com/node/1200223
https://bugzilla.redhat.com/show_bug.cgi?id=1141597
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
https://kb.bluecoat.com/index?page=content&id=SA82
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648
https://kc.mcafee.com/corporate/index?page=content&id=SB10085
https://nvd.nist.gov/vuln/detail/CVE-2014-6271
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
https://support.apple.com/kb/HT6535
https://support.citrix.com/article/CTX200217
https://support.citrix.com/article/CTX200223
https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts
https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-6271
https://www.cve.org/CVERecord?id=CVE-2014-6271
https://www.exploit-db.com/exploits/34879/
https://www.exploit-db.com/exploits/37816/
https://www.exploit-db.com/exploits/38849/
https://www.exploit-db.com/exploits/39918/
https://www.exploit-db.com/exploits/40619/
https://www.exploit-db.com/exploits/40938/
https://www.exploit-db.com/exploits/42938/
https://www.suse.com/support/shellshock/

History

Wed, 22 Oct 2025 01:30:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-6271

Tue, 21 Oct 2025 20:30:00 +0000

Type	Values Removed	Values Added
References	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-6271

Tue, 21 Oct 2025 19:30:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-6271

Fri, 07 Feb 2025 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		kev `{'dateAdded': '2022-01-28'}` ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 13 Aug 2024 23:45:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Subscriptions

Apple Mac Os X

Arista Eos

Canonical Ubuntu Linux

Checkpoint Security Gateway

Citrix Netscaler Sdx Netscaler Sdx Firmware

Debian Debian Linux

F5 Arx Arx Firmware Big-ip Access Policy Manager Big-ip Advanced Firewall Manager Big-ip Analytics Big-ip Application Acceleration Manager Big-ip Application Security Manager Big-ip Edge Gateway Big-ip Global Traffic Manager Big-ip Link Controller Big-ip Local Traffic Manager Big-ip Policy Enforcement Manager Big-ip Protocol Security Module Big-ip Wan Optimization Manager Big-ip Webaccelerator Big-iq Cloud Big-iq Device Big-iq Security Enterprise Manager Traffix Signaling Delivery Controller

Gnu Bash

Ibm Flex System V7000 Flex System V7000 Firmware Infosphere Guardium Database Activity Monitoring Pureapplication System Qradar Risk Manager Qradar Security Information And Event Manager Qradar Vulnerability Manager San Volume Controller San Volume Controller Firmware Security Access Manager For Mobile 8.0 Firmware Security Access Manager For Web 7.0 Firmware Security Access Manager For Web 8.0 Firmware Smartcloud Entry Appliance Smartcloud Provisioning Software Defined Network For Virtual Environments Starter Kit For Cloud Stn6500 Stn6500 Firmware Stn6800 Stn6800 Firmware Stn7800 Stn7800 Firmware Storwize V3500 Storwize V3500 Firmware Storwize V3700 Storwize V3700 Firmware Storwize V5000 Storwize V5000 Firmware Storwize V7000 Storwize V7000 Firmware Workload Deployer

Mageia Mageia

Novell Open Enterprise Server Zenworks Configuration Management

Opensuse Opensuse

Oracle Linux

Qnap Qts

Redhat Enterprise Linux Enterprise Linux Desktop Enterprise Linux Eus Enterprise Linux For Ibm Z Systems Enterprise Linux For Power Big Endian Enterprise Linux For Power Big Endian Eus Enterprise Linux For Scientific Computing Enterprise Linux Server Enterprise Linux Server Aus Enterprise Linux Server From Rhui Enterprise Linux Server Tus Enterprise Linux Workstation Gluster Storage Server For On-premise Rhel Els Rhel Eus Rhel Mission Critical Rhel Sjis Rhev Manager Virtualization

Suse Linux Enterprise Desktop Linux Enterprise Server Linux Enterprise Software Development Kit Studio Onsite

Vmware Esx Vcenter Server Appliance

MITRE

Status: PUBLISHED

Assigner: debian

Published: 2014-09-24T18:00:00.000Z

Updated: 2025-10-22T00:05:36.342Z

Reserved: 2014-09-09T00:00:00.000Z

Link: CVE-2014-6271

Vulnrichment

Updated: 2024-08-06T12:10:13.276Z

NVD

Status : Analyzed

Published: 2014-09-24T18:48:04.477

Modified: 2026-04-22T16:07:22.050

Link: CVE-2014-6271

Redhat

Severity : Critical

Publid Date: 2014-09-24T00:00:00Z

Links: CVE-2014-6271 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-78

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Exploitation active

Automatable yes

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object