{"cve":{"cve_id":"CVE-2014-6271","is_kev":true,"kev_date_added":"2022-01-28","kev_vendor_project":"GNU","kev_product":"Bourne-Again Shell (Bash)","kev_vulnerability_name":"GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability","kev_short_description":"GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code.","kev_required_action":"Apply updates per vendor instructions.","kev_due_date":"2022-07-28","kev_known_ransomware":false,"kev_notes":"https://nvd.nist.gov/vuln/detail/CVE-2014-6271","kev_cwes":["CWE-78"],"epss_score":0.99999,"epss_percentile":0.99992,"epss_as_of":"2026-06-23","description":"GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\"  NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.","published_at":"2014-09-24T18:00:00Z","last_modified_at":null,"cvss_v3_score":9.8,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss_v3_severity":"CRITICAL","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"active","ssvc_automatable":true,"ssvc_technical_impact":"total","cwes":["CWE-78"],"nvd_references":["https://www.exploit-db.com/exploits/37816/","http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html","http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html","http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897","http://www-01.ibm.com/support/docview.wss?uid=swg21685749","http://marc.info/?l=bugtraq&m=141577137423233&w=2","http://marc.info/?l=bugtraq&m=142719845423222&w=2","https://www.exploit-db.com/exploits/39918/","http://marc.info/?l=bugtraq&m=141216668515282&w=2","http://rhn.redhat.com/errata/RHSA-2014-1295.html","http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html","https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/","https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts","http://marc.info/?l=bugtraq&m=141383138121313&w=2","http://marc.info/?l=bugtraq&m=142721162228379&w=2","http://www.securityfocus.com/archive/1/533593/100/0/threaded","http://marc.info/?l=bugtraq&m=142358026505815&w=2","http://www-01.ibm.com/support/docview.wss?uid=swg21686084","http://www-01.ibm.com/support/docview.wss?uid=swg21686479","http://marc.info/?l=bugtraq&m=142719845423222&w=2","http://secunia.com/advisories/61188","http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0","http://jvn.jp/en/jp/JVN55667175/index.html","http://secunia.com/advisories/61676","https://www.exploit-db.com/exploits/40619/","http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html","http://secunia.com/advisories/60433","https://www.exploit-db.com/exploits/38849/","http://marc.info/?l=bugtraq&m=141383026420882&w=2","http://marc.info/?l=bugtraq&m=141585637922673&w=2","http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673","http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html","http://marc.info/?l=bugtraq&m=141576728022234&w=2","http://www-01.ibm.com/support/docview.wss?uid=swg21685541","http://secunia.com/advisories/61715","http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html","http://secunia.com/advisories/61816","http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html","http://secunia.com/advisories/61442","http://marc.info/?l=bugtraq&m=142358078406056&w=2","http://marc.info/?l=bugtraq&m=142805027510172&w=2","http://secunia.com/advisories/61283","http://marc.info/?l=bugtraq&m=142113462216480&w=2","http://www.ubuntu.com/usn/USN-2362-1","https://kc.mcafee.com/corporate/index?page=content&id=SB10085","http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html","http://secunia.com/advisories/61654","http://secunia.com/advisories/61542","http://www.novell.com/support/kb/doc.php?id=7015701","http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315","http://secunia.com/advisories/62312","http://secunia.com/advisories/59272","http://marc.info/?l=bugtraq&m=141319209015420&w=2","https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html","http://marc.info/?l=bugtraq&m=141879528318582&w=2","http://www-01.ibm.com/support/docview.wss?uid=swg21685604","http://marc.info/?l=bugtraq&m=142118135300698&w=2","http://secunia.com/advisories/61703","http://support.apple.com/kb/HT6495","http://www.kb.cert.org/vuls/id/252743","http://secunia.com/advisories/61065","http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html","http://marc.info/?l=bugtraq&m=141383196021590&w=2","http://marc.info/?l=bugtraq&m=141383081521087&w=2","http://www-01.ibm.com/support/docview.wss?uid=swg21686445","http://www-01.ibm.com/support/docview.wss?uid=swg21686131","http://www.securityfocus.com/bid/70103","http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126","http://marc.info/?l=bugtraq&m=141879528318582&w=2","http://www.us-cert.gov/ncas/alerts/TA14-268A","http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html","http://secunia.com/advisories/61641","https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648","https://access.redhat.com/node/1200223","http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html","http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html","http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898","http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html","http://www-01.ibm.com/support/docview.wss?uid=swg21685914","http://seclists.org/fulldisclosure/2014/Oct/0","http://www.mandriva.com/security/advisories?name=MDVSA-2015:164","http://rhn.redhat.com/errata/RHSA-2014-1293.html","https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075","http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html","http://marc.info/?l=bugtraq&m=142721162228379&w=2","http://secunia.com/advisories/60325","https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes","http://secunia.com/advisories/60024","http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html","https://www.exploit-db.com/exploits/34879/","https://access.redhat.com/articles/1200223","http://secunia.com/advisories/62343","http://secunia.com/advisories/61565","https://www.suse.com/support/shellshock/","http://marc.info/?l=bugtraq&m=141450491804793&w=2","http://secunia.com/advisories/61313","http://marc.info/?l=bugtraq&m=142358026505815&w=2","http://secunia.com/advisories/61873","http://secunia.com/advisories/61485","http://secunia.com/advisories/60947","https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183","https://support.apple.com/kb/HT6535","http://marc.info/?l=bugtraq&m=141577297623641&w=2","http://marc.info/?l=bugtraq&m=142546741516006&w=2","http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272","http://marc.info/?l=bugtraq&m=141383244821813&w=2","http://secunia.com/advisories/61312","http://secunia.com/advisories/60193","http://www.vmware.com/security/advisories/VMSA-2014-0010.html","http://linux.oracle.com/errata/ELSA-2014-1294.html","http://secunia.com/advisories/60063","http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html","http://secunia.com/advisories/60034","http://marc.info/?l=bugtraq&m=141330425327438&w=2","http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html","http://secunia.com/advisories/59907","http://secunia.com/advisories/58200","http://marc.info/?l=bugtraq&m=141577241923505&w=2","http://secunia.com/advisories/61643","http://www.novell.com/support/kb/doc.php?id=7015721","http://www-01.ibm.com/support/docview.wss?uid=swg21687079","http://secunia.com/advisories/61503","http://www-01.ibm.com/support/docview.wss?uid=swg21686246","http://rhn.redhat.com/errata/RHSA-2014-1354.html","https://www.exploit-db.com/exploits/40938/","http://marc.info/?l=bugtraq&m=141216207813411&w=2","http://support.novell.com/security/cve/CVE-2014-6271.html","http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915","http://secunia.com/advisories/61547","http://marc.info/?l=bugtraq&m=141383465822787&w=2","http://www.qnap.com/i/en/support/con_show.php?cid=61","http://marc.info/?l=bugtraq&m=141694386919794&w=2","http://secunia.com/advisories/61552","http://secunia.com/advisories/61780","http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279","https://support.citrix.com/article/CTX200223","http://www.debian.org/security/2014/dsa-3032","http://www-01.ibm.com/support/docview.wss?uid=swg21686447","http://secunia.com/advisories/62228","http://marc.info/?l=bugtraq&m=141330468527613&w=2","http://secunia.com/advisories/61855","http://marc.info/?l=bugtraq&m=141235957116749&w=2","http://secunia.com/advisories/60044","http://secunia.com/advisories/61291","http://rhn.redhat.com/errata/RHSA-2014-1294.html","http://marc.info/?l=bugtraq&m=141345648114150&w=2","http://secunia.com/advisories/59737","http://secunia.com/advisories/61287","http://marc.info/?l=bugtraq&m=141383353622268&w=2","http://marc.info/?l=bugtraq&m=142118135300698&w=2","https://bugzilla.redhat.com/show_bug.cgi?id=1141597","http://marc.info/?l=bugtraq&m=142118135300698&w=2","http://secunia.com/advisories/61711","http://marc.info/?l=bugtraq&m=142113462216480&w=2","http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361","http://marc.info/?l=bugtraq&m=141383304022067&w=2","http://advisories.mageia.org/MGASA-2014-0388.html","http://secunia.com/advisories/61128","https://support.citrix.com/article/CTX200217","http://secunia.com/advisories/61471","http://secunia.com/advisories/60055","http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash","http://secunia.com/advisories/61550","http://secunia.com/advisories/61633","http://linux.oracle.com/errata/ELSA-2014-1293.html","http://www-01.ibm.com/support/docview.wss?uid=swg21686494","https://kb.bluecoat.com/index?page=content&id=SA82","http://secunia.com/advisories/61328","http://www-01.ibm.com/support/docview.wss?uid=swg21685733","https://www.exploit-db.com/exploits/42938/","http://secunia.com/advisories/61129","http://secunia.com/advisories/61700","http://secunia.com/advisories/61603","http://secunia.com/advisories/61857","http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879","http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html","https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"],"vuln_status":null,"trending_score":0.6099982,"is_trending":true,"has_trended":true,"trended_number_one":false,"trending_peak_score":0.6099982,"trending_peak_rank":33,"started_trending_at":"2026-06-29T02:30:27.366045Z","trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:31.350578Z","updated_at":"2026-06-29T02:30:27.550645Z"},"effective_severity":"CRITICAL","badges":["kev","poc","trending","epss"],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"H","value_label":"High"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[],"exploit_refs":[{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2014/CVE-2014-6271.yaml","title":"ShellShock - Remote Code Execution","author":"pentest_swissky,0xelkomy","disclosed_at":null}],"news":[],"references":[{"url":"https://www.exploit-db.com/exploits/37816/","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897","source_type":"MISC","tags":[]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21685749","source_type":"MISC","tags":[]},{"url":"http://marc.info/?l=bugtraq&m=141577137423233&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://marc.info/?l=bugtraq&m=142719845423222&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"https://www.exploit-db.com/exploits/39918/","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://marc.info/?l=bugtraq&m=141216668515282&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://rhn.redhat.com/errata/RHSA-2014-1295.html","source_type":"MISC","tags":[]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/","source_type":"MISC","tags":[]},{"url":"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts","source_type":"MISC","tags":[]},{"url":"http://marc.info/?l=bugtraq&m=141383138121313&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://marc.info/?l=bugtraq&m=142721162228379&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://www.securityfocus.com/archive/1/533593/100/0/threaded","source_type":"MISC","tags":[]},{"url":"http://marc.info/?l=bugtraq&m=142358026505815&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21686084","source_type":"MISC","tags":[]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21686479","source_type":"MISC","tags":[]},{"url":"http://marc.info/?l=bugtraq&m=142719845423222&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://secunia.com/advisories/61188","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0","source_type":"MISC","tags":[]},{"url":"http://jvn.jp/en/jp/JVN55667175/index.html","source_type":"MISC","tags":[]},{"url":"http://secunia.com/advisories/61676","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://www.exploit-db.com/exploits/40619/","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://secunia.com/advisories/60433","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://www.exploit-db.com/exploits/38849/","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://marc.info/?l=bugtraq&m=141383026420882&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://marc.info/?l=bugtraq&m=141585637922673&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673","source_type":"MISC","tags":[]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://marc.info/?l=bugtraq&m=141576728022234&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21685541","source_type":"MISC","tags":[]},{"url":"http://secunia.com/advisories/61715","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/61816","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://secunia.com/advisories/61442","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://marc.info/?l=bugtraq&m=142358078406056&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://marc.info/?l=bugtraq&m=142805027510172&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://secunia.com/advisories/61283","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://marc.info/?l=bugtraq&m=142113462216480&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://www.ubuntu.com/usn/USN-2362-1","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10085","source_type":"MISC","tags":[]},{"url":"http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://secunia.com/advisories/61654","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/61542","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://www.novell.com/support/kb/doc.php?id=7015701","source_type":"MISC","tags":[]},{"url":"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315","source_type":"MISC","tags":[]},{"url":"http://secunia.com/advisories/62312","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/59272","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://marc.info/?l=bugtraq&m=141319209015420&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html","source_type":"MISC","tags":[]},{"url":"http://marc.info/?l=bugtraq&m=141879528318582&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21685604","source_type":"MISC","tags":[]},{"url":"http://marc.info/?l=bugtraq&m=142118135300698&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://secunia.com/advisories/61703","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://support.apple.com/kb/HT6495","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://www.kb.cert.org/vuls/id/252743","source_type":"MISC","tags":[]},{"url":"http://secunia.com/advisories/61065","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://marc.info/?l=bugtraq&m=141383196021590&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://marc.info/?l=bugtraq&m=141383081521087&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21686445","source_type":"MISC","tags":[]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21686131","source_type":"MISC","tags":[]},{"url":"http://www.securityfocus.com/bid/70103","source_type":"MISC","tags":[]},{"url":"http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126","source_type":"MISC","tags":[]},{"url":"http://marc.info/?l=bugtraq&m=141879528318582&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://www.us-cert.gov/ncas/alerts/TA14-268A","source_type":"MISC","tags":[]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://secunia.com/advisories/61641","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648","source_type":"MISC","tags":[]},{"url":"https://access.redhat.com/node/1200223","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898","source_type":"MISC","tags":[]},{"url":"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html","source_type":"MISC","tags":[]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21685914","source_type":"MISC","tags":[]},{"url":"http://seclists.org/fulldisclosure/2014/Oct/0","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:164","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2014-1293.html","source_type":"MISC","tags":[]},{"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075","source_type":"MISC","tags":[]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://marc.info/?l=bugtraq&m=142721162228379&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://secunia.com/advisories/60325","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes","source_type":"MISC","tags":["patch"]},{"url":"http://secunia.com/advisories/60024","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"https://www.exploit-db.com/exploits/34879/","source_type":"EXPLOIT","tags":["exploit"]},{"url":"https://access.redhat.com/articles/1200223","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/62343","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/61565","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://www.suse.com/support/shellshock/","source_type":"MISC","tags":[]},{"url":"http://marc.info/?l=bugtraq&m=141450491804793&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://secunia.com/advisories/61313","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://marc.info/?l=bugtraq&m=142358026505815&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://secunia.com/advisories/61873","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/61485","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/60947","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183","source_type":"MISC","tags":[]},{"url":"https://support.apple.com/kb/HT6535","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://marc.info/?l=bugtraq&m=141577297623641&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://marc.info/?l=bugtraq&m=142546741516006&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272","source_type":"MISC","tags":[]},{"url":"http://marc.info/?l=bugtraq&m=141383244821813&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://secunia.com/advisories/61312","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/60193","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://www.vmware.com/security/advisories/VMSA-2014-0010.html","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://linux.oracle.com/errata/ELSA-2014-1294.html","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/60063","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://secunia.com/advisories/60034","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://marc.info/?l=bugtraq&m=141330425327438&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html","source_type":"MISC","tags":[]},{"url":"http://secunia.com/advisories/59907","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/58200","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://marc.info/?l=bugtraq&m=141577241923505&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://secunia.com/advisories/61643","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://www.novell.com/support/kb/doc.php?id=7015721","source_type":"MISC","tags":[]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21687079","source_type":"MISC","tags":[]},{"url":"http://secunia.com/advisories/61503","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21686246","source_type":"MISC","tags":[]},{"url":"http://rhn.redhat.com/errata/RHSA-2014-1354.html","source_type":"MISC","tags":[]},{"url":"https://www.exploit-db.com/exploits/40938/","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://marc.info/?l=bugtraq&m=141216207813411&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://support.novell.com/security/cve/CVE-2014-6271.html","source_type":"MISC","tags":[]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915","source_type":"MISC","tags":[]},{"url":"http://secunia.com/advisories/61547","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://marc.info/?l=bugtraq&m=141383465822787&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://www.qnap.com/i/en/support/con_show.php?cid=61","source_type":"MISC","tags":[]},{"url":"http://marc.info/?l=bugtraq&m=141694386919794&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://secunia.com/advisories/61552","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/61780","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279","source_type":"MISC","tags":[]},{"url":"https://support.citrix.com/article/CTX200223","source_type":"MISC","tags":[]},{"url":"http://www.debian.org/security/2014/dsa-3032","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21686447","source_type":"MISC","tags":[]},{"url":"http://secunia.com/advisories/62228","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://marc.info/?l=bugtraq&m=141330468527613&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://secunia.com/advisories/61855","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://marc.info/?l=bugtraq&m=141235957116749&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://secunia.com/advisories/60044","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/61291","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2014-1294.html","source_type":"MISC","tags":[]},{"url":"http://marc.info/?l=bugtraq&m=141345648114150&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://secunia.com/advisories/59737","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/61287","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://marc.info/?l=bugtraq&m=141383353622268&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://marc.info/?l=bugtraq&m=142118135300698&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1141597","source_type":"MISC","tags":[]},{"url":"http://marc.info/?l=bugtraq&m=142118135300698&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://secunia.com/advisories/61711","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://marc.info/?l=bugtraq&m=142113462216480&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361","source_type":"MISC","tags":[]},{"url":"http://marc.info/?l=bugtraq&m=141383304022067&w=2","source_type":"MAILING_LIST","tags":["mailing-list"]},{"url":"http://advisories.mageia.org/MGASA-2014-0388.html","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/61128","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://support.citrix.com/article/CTX200217","source_type":"MISC","tags":[]},{"url":"http://secunia.com/advisories/61471","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/60055","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/61550","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/61633","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://linux.oracle.com/errata/ELSA-2014-1293.html","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21686494","source_type":"MISC","tags":[]},{"url":"https://kb.bluecoat.com/index?page=content&id=SA82","source_type":"MISC","tags":[]},{"url":"http://secunia.com/advisories/61328","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21685733","source_type":"MISC","tags":[]},{"url":"https://www.exploit-db.com/exploits/42938/","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://secunia.com/advisories/61129","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/61700","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/61603","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://secunia.com/advisories/61857","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879","source_type":"MISC","tags":[]},{"url":"http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006","source_type":"VENDOR_ADVISORY","tags":["advisory"]}],"timeline":[{"type":"published","at":"2014-09-24T18:00:00Z","label":"CVE published","source":null},{"type":"cisa_reported","at":"2022-01-28T00:00:00Z","label":"Added to CISA KEV catalog","source":"kev"},{"type":"poc_available","at":"2026-06-24T00:29:48.638073Z","label":"Public PoC available","source":"nuclei"},{"type":"ssvc_changed","at":"2026-06-24T00:31:01.449015Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-24T00:31:01.449015Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-24T00:31:01.449015Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"cvss_changed","at":"2026-06-24T00:31:01.449015Z","label":"CVSS score revised","source":"vulnrichment"},{"type":"cvss_changed","at":"2026-06-24T00:31:01.449015Z","label":"CVSS score revised","source":"vulnrichment"},{"type":"cvss_changed","at":"2026-06-24T00:31:01.449015Z","label":"CVSS score revised","source":"vulnrichment"},{"type":"started_trending","at":"2026-06-29T02:30:27.366045Z","label":"Started trending","source":null}]}