CVE-2014-6271 - GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
Project:GNU
Product:Bourne-Again Shell (Bash)
Date Added:2022-01-28Due Date:2022-07-28
Vulnerability Name
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
Description
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2014-6271
Related News Articles
251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and ElasticsearchMay 28, 2025