Statements (23)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
CVE Identifier
|
| gptkbp:affects |
gptkb:GNU_Bash
|
| gptkbp:alsoKnownAs |
gptkb:Shellshock
|
| gptkbp:assignee |
gptkb:MITRE
|
| gptkbp:category |
Environment Variable Injection
Command Injection |
| gptkbp:describes |
A vulnerability in GNU Bash that allows remote code execution via specially crafted environment variables.
|
| gptkbp:discoveredIn |
2014
|
| gptkbp:exploits |
Remote code execution
|
| gptkbp:hasCVSSScore |
10.0
|
| gptkbp:hasCWE |
gptkb:CWE-78
|
| gptkbp:hasSeverity |
High
|
| https://www.w3.org/2000/01/rdf-schema#label |
CVE-2014-6271
|
| gptkbp:impact |
Allows attackers to execute arbitrary commands on affected systems
|
| gptkbp:partOf |
Shellshock family of vulnerabilities
|
| gptkbp:patchedBy |
Yes
|
| gptkbp:publicationDate |
2014-09-24
|
| gptkbp:referencedIn |
https://nvd.nist.gov/vuln/detail/CVE-2014-6271
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271 |
| gptkbp:vectorFor |
gptkb:network_protocol
|
| gptkbp:vulnerableSoftware |
Bash 4.3 and earlier
|
| gptkbp:bfsParent |
gptkb:Shellshock_(2014)
|
| gptkbp:bfsLayer |
6
|