Statements (23)
Predicate | Object |
---|---|
gptkbp:instanceOf |
CVE Identifier
|
gptkbp:affects |
gptkb:GNU_Bash
|
gptkbp:alsoKnownAs |
gptkb:Shellshock
|
gptkbp:assignee |
gptkb:MITRE
|
gptkbp:category |
Environment Variable Injection
Command Injection |
gptkbp:describes |
A vulnerability in GNU Bash that allows remote code execution via specially crafted environment variables.
|
gptkbp:discoveredIn |
2014
|
gptkbp:exploits |
Remote code execution
|
gptkbp:hasCVSSScore |
10.0
|
gptkbp:hasCWE |
gptkb:CWE-78
|
gptkbp:hasSeverity |
High
|
https://www.w3.org/2000/01/rdf-schema#label |
CVE-2014-6271
|
gptkbp:impact |
Allows attackers to execute arbitrary commands on affected systems
|
gptkbp:partOf |
Shellshock family of vulnerabilities
|
gptkbp:patchedBy |
Yes
|
gptkbp:publicationDate |
2014-09-24
|
gptkbp:referencedIn |
https://nvd.nist.gov/vuln/detail/CVE-2014-6271
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271 |
gptkbp:vectorFor |
gptkb:network_protocol
|
gptkbp:vulnerableSoftware |
Bash 4.3 and earlier
|
gptkbp:bfsParent |
gptkb:Shellshock_(2014)
|
gptkbp:bfsLayer |
6
|