CVE-2014-6278

Confirmed PUBLISHED

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers...

GNU · Bash

1 day faster than CISA KEV

Exploited in the wild PoC available

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
8.8 High EPSS 99.6%

At a Glance

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.

cisa apache
CVE Published
Sep 30, 2014
Exploitation Reported
Jun 01, 2026
CVSS
8.8 High
EPSS
99.6%
Remote Low complexity Unauthenticated

Affected Versions

Vendor Product Version Status
n/a
n/a

n/a

Affected

CVE References

  • HPSBMU03165 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=141577137423233&w=2
  • SSRT101819 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=142721162228379&w=2
  • HPSBMU03245 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=142358026505815&w=2
  • HPSBMU03143 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=141383026420882&w=2
  • HPSBMU03182 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=141585637922673&w=2
Show 105 more references

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.