CVE-2014-6271

GPTKB entity

Statements (23)
Predicate Object
gptkbp:instanceOf CVE Identifier
gptkbp:affects gptkb:GNU_Bash
gptkbp:alsoKnownAs gptkb:Shellshock
gptkbp:assignee gptkb:MITRE
gptkbp:category Environment Variable Injection
Command Injection
gptkbp:describes A vulnerability in GNU Bash that allows remote code execution via specially crafted environment variables.
gptkbp:discoveredIn 2014
gptkbp:exploits Remote code execution
gptkbp:hasCVSSScore 10.0
gptkbp:hasCWE gptkb:CWE-78
gptkbp:hasSeverity High
https://www.w3.org/2000/01/rdf-schema#label CVE-2014-6271
gptkbp:impact Allows attackers to execute arbitrary commands on affected systems
gptkbp:partOf Shellshock family of vulnerabilities
gptkbp:patchedBy Yes
gptkbp:publicationDate 2014-09-24
gptkbp:referencedIn https://nvd.nist.gov/vuln/detail/CVE-2014-6271
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271
gptkbp:vectorFor gptkb:network_protocol
gptkbp:vulnerableSoftware Bash 4.3 and earlier
gptkbp:bfsParent gptkb:Shellshock_(2014)
gptkbp:bfsLayer 6