CVE-2014-7169 - GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
Project:GNU
Product:Bourne-Again Shell (Bash)
Date Added:2022-01-28Due Date:2022-07-28
Vulnerability Name
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
Description
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctly remediates the vulnerability in CVE-2014-6271.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2014-7169