Critical severity9.8CISA KEVNVD Advisory· Published Sep 24, 2014· Updated Apr 22, 2026
CVE-2014-6271
CVE-2014-6271
Description
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
Affected products
265cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:8.2:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:8.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*range: >=1.0.0.0,<=1.0.0.4
- cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_risk_manager:7.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*+ 85 more
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr1:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr2:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:-:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p1:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p2:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p3:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:-:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p1:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p10:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p11:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p12:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p13:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p2:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p3:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p4:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p5:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p6:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p7:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p8:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p9:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:-:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p1:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p2:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p3:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:-:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p1:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p2:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p3:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:-:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p1:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p2:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p3:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p4:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:-:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p1:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p2:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p3:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p4:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:-:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p1:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p2:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p3:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p4:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p5:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p6:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:-:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p1:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p2:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p3:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p4:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p5:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p6:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:-:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p1:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p2:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p3:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p4:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p5:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p6:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p7:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:-:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p1:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p2:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p3:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p4:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:-:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8.15:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p1:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p10:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p11:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p12:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p13:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p14:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p15:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p16:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p2:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p3:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p4:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p5:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p6:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p7:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p8:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p9:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.9:*:*:*:*:*:*:*
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.0:*:*:*:*:*:*:*+ 29 more
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p1:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p2:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p3:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p4:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p5:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p6:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p7:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:-:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p1:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p10:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p11:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p12:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p13:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p14:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p15:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p16:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p17:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p2:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p3:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p4:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p5:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p6:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p7:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p8:*:*:*:*:*:*
- cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p9:*:*:*:*:*:*
cpe:2.3:a:ibm:smartcloud_entry_appliance:2.3.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:ibm:smartcloud_entry_appliance:2.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:smartcloud_entry_appliance:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:smartcloud_entry_appliance:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:smartcloud_entry_appliance:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:smartcloud_provisioning:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:kvm:*:*:*+ 2 more
- cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:kvm:*:*:*range: <1.2.1
- cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:openflow:*:*:*range: <1.2.1
- cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:vmware:*:*:*range: <1.2.1
- cpe:2.3:a:ibm:starter_kit_for_cloud:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:zenworks_configuration_management:10.3:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:novell:zenworks_configuration_management:10.3:*:*:*:*:*:*:*
- cpe:2.3:a:novell:zenworks_configuration_management:11:*:*:*:*:*:*:*
- cpe:2.3:a:novell:zenworks_configuration_management:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:novell:zenworks_configuration_management:11.2:*:*:*:*:*:*:*
- cpe:2.3:a:novell:zenworks_configuration_management:11.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:virtualization:3.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server_appliance:5.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:vmware:vcenter_server_appliance:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_2:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server_appliance:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_1:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_2:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server_appliance:5.5:-:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server_appliance:5.5:update_1:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*Range: <9.3.67.5r1
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*Range: >=1.1.0.0,<7.1.0.11
- cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*Range: >=1.1.0.0,<7.1.0.11
cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*
cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*
cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*Range: >=1.1.0.0,<7.1.0.11
- cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*Range: >=1.1.0.0,<7.1.0.11
- cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*Range: >=1.1.0.0,<7.1.0.11
- cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*Range: >=1.1.0.0,<1.4.3.5
cpe:2.3:o:novell:open_enterprise_server:11.0:sp2:*:*:*:linux_kernel:*:*+ 1 more
- cpe:2.3:o:novell:open_enterprise_server:11.0:sp2:*:*:*:linux_kernel:*:*
- cpe:2.3:o:novell:open_enterprise_server:2.0:sp3:*:*:*:linux_kernel:*:*
cpe:2.3:o:oracle:linux:4:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:oracle:linux:4:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.9_s390x:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.9_s390x:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.4_s390x:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.5_s390x:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.3_s390x:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.4_s390x:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.5_s390x:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.6_s390x:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.7_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0_ppc:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0_ppc:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.9_ppc:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.4_ppc64:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.5_ppc64:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.5_ppc64:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*+ 6 more
- cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
- cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
171- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatch
- lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.htmlnvdExploitIssue TrackingThird Party Advisory
- packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.htmlnvdExploitThird Party AdvisoryVDB Entry
- packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.htmlnvdExploitThird Party AdvisoryVDB Entry
- packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.htmlnvdExploitThird Party AdvisoryVDB Entry
- packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.htmlnvdExploitThird Party AdvisoryVDB Entry
- access.redhat.com/articles/1200223nvdExploitThird Party Advisory
- access.redhat.com/node/1200223nvdExploitThird Party Advisory
- securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/nvdExploitThird Party Advisory
- www.exploit-db.com/exploits/34879/nvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/37816/nvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/38849/nvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/39918/nvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/40619/nvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/40938/nvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/42938/nvdExploitThird Party AdvisoryVDB Entry
- advisories.mageia.org/MGASA-2014-0388.htmlnvdThird Party Advisory
- archives.neohapsis.com/archives/bugtraq/2014-10/0101.htmlnvdBroken LinkThird Party Advisory
- jvn.jp/en/jp/JVN55667175/index.htmlnvdVendor Advisory
- jvndb.jvn.jp/jvndb/JVNDB-2014-000126nvdThird Party AdvisoryVDB EntryVendor Advisory
- kb.juniper.net/InfoCenter/indexnvdThird Party Advisory
- linux.oracle.com/errata/ELSA-2014-1293.htmlnvdThird Party Advisory
- linux.oracle.com/errata/ELSA-2014-1294.htmlnvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2014-10/msg00023.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2014-10/msg00025.htmlnvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.htmlnvdThird Party AdvisoryVDB Entry
- rhn.redhat.com/errata/RHSA-2014-1293.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2014-1294.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2014-1295.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2014-1354.htmlnvdThird Party Advisory
- seclists.org/fulldisclosure/2014/Oct/0nvdMailing ListThird Party Advisory
- secunia.com/advisories/58200nvdBroken LinkThird Party Advisory
- secunia.com/advisories/59272nvdBroken LinkThird Party Advisory
- secunia.com/advisories/59737nvdBroken LinkThird Party Advisory
- secunia.com/advisories/59907nvdBroken LinkThird Party Advisory
- secunia.com/advisories/60024nvdBroken LinkThird Party Advisory
- secunia.com/advisories/60034nvdBroken LinkThird Party Advisory
- secunia.com/advisories/60044nvdBroken LinkThird Party Advisory
- secunia.com/advisories/60055nvdBroken LinkThird Party Advisory
- secunia.com/advisories/60063nvdBroken LinkThird Party Advisory
- secunia.com/advisories/60193nvdBroken LinkThird Party Advisory
- secunia.com/advisories/60325nvdBroken LinkThird Party Advisory
- secunia.com/advisories/60433nvdBroken LinkThird Party Advisory
- secunia.com/advisories/60947nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61065nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61128nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61129nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61188nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61283nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61287nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61291nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61312nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61313nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61328nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61442nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61471nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61485nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61503nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61542nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61547nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61550nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61552nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61565nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61603nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61633nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61641nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61643nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61654nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61676nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61700nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61703nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61711nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61715nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61780nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61816nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61855nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61857nvdBroken LinkThird Party Advisory
- secunia.com/advisories/61873nvdBroken LinkThird Party Advisory
- secunia.com/advisories/62228nvdBroken LinkThird Party Advisory
- secunia.com/advisories/62312nvdBroken LinkThird Party Advisory
- secunia.com/advisories/62343nvdBroken LinkThird Party Advisory
- support.apple.com/kb/HT6495nvdThird Party Advisory
- support.novell.com/security/cve/CVE-2014-6271.htmlnvdThird Party Advisory
- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bashnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdBroken LinkThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdBroken LinkThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-947.ibm.com/support/entry/portal/docdisplaynvdBroken LinkThird Party Advisory
- www.debian.org/security/2014/dsa-3032nvdMailing ListThird Party Advisory
- www.kb.cert.org/vuls/id/252743nvdThird Party AdvisoryUS Government Resource
- www.mandriva.com/security/advisoriesnvdBroken LinkThird Party Advisory
- www.novell.com/support/kb/doc.phpnvdThird Party Advisory
- www.novell.com/support/kb/doc.phpnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.htmlnvdThird Party Advisory
- www.qnap.com/i/en/support/con_show.phpnvdThird Party Advisory
- www.securityfocus.com/archive/1/533593/100/0/threadednvdBroken LinkThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/70103nvdBroken LinkThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2362-1nvdThird Party Advisory
- www.us-cert.gov/ncas/alerts/TA14-268AnvdThird Party AdvisoryUS Government Resource
- www.vmware.com/security/advisories/VMSA-2014-0010.htmlnvdThird Party Advisory
- www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0nvdBroken LinkThird Party Advisory
- help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+FixesnvdBroken LinkThird Party Advisory
- kb.bluecoat.com/indexnvdBroken LinkThird Party Advisory
- kb.juniper.net/InfoCenter/indexnvdThird Party Advisory
- kc.mcafee.com/corporate/indexnvdBroken LinkThird Party Advisory
- support.apple.com/kb/HT6535nvdThird Party Advisory
- support.citrix.com/article/CTX200217nvdThird Party Advisory
- support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.htmlnvdThird Party Advisory
- support.hpe.com/hpsc/doc/public/displaynvdThird Party Advisory
- support.hpe.com/hpsc/doc/public/displaynvdBroken LinkThird Party Advisory
- supportcenter.checkpoint.com/supportcenter/portalnvdThird Party Advisory
- www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006nvdThird Party Advisory
- www.suse.com/support/shellshock/nvdThird Party Advisory
- support.citrix.com/article/CTX200223nvdPermissions Required
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
2- The Convergence of Cloud Secrets & AI RiskSentinelOne Labs · May 13, 2026
- AI-powered honeypots: Turning the tables on malicious AI agentsCisco Talos Intelligence · Apr 29, 2026