CVE-2014-6278
GNU
- Vendors: GNU
🛡️ Vulnerability overview CVE-2014-6278
This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-027 ; https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23467 ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash ; https://www.ibm.com/support/pages/security-bulletin-update-vulnerabilities-bash-affect-aix-toolbox-linux-applications-cve-2014-6271-cve-2014-6277-cve-2014-6278-cve-2014-7169-cve-2014-7186-and-cve-2014-7187 ; https://nvd.nist.gov/vuln/detail/CVE-2014-6278
📊 Technical details
- Severity:
- CVSS:
- Vendor:
🧩 Affected products
- Not specified.
🚨 Recommended mitigations
- Update to the latest available version
- Monitor logs and network traffic
- Apply least-privilege and segment the network
🔗 References
🧭 Related vulnerabilities
- No related CVEs.
This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-027 ; https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23467 ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash ; https://www.ibm.com/support/pages/security-bulletin-update-vulnerabilities-bash-affect-aix-toolbox-linux-applications-cve-2014-6271-cve-2014-6277-cve-2014-6278-cve-2014-7169-cve-2014-7186-and-cve-2014-7187 ; https://nvd.nist.gov/vuln/detail/CVE-2014-6278
Related CVE by CWE
No related CWE found.
Top CVE for Vendor
- CVE-1999-0035 (CVSS 5.4)
- CVE-1999-0017 (no score)
- CVE-1999-0402 (no score)
- CVE-1999-0491 (no score)
- CVE-1999-1165 (no score)
- CVE-1999-1383 (no score)
- CVE-1999-0719 (no score)
- CVE-1999-0041 (no score)
- CVE-2000-0151 (no score)
- CVE-1999-0612 (no score)
Recently Exploited Similar Vulnerabilities
No recent KEV-listed items for this vendor/product.
How to fix CVE-2014-6278
Description: 🛡️ Vulnerability overview CVE-2014-6278 This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-027 ; https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23467 ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash ; https://www.ibm.com/support/pages/security-bulletin-update-vulnerabilities-bash-affect-aix-toolbox-linux-applications-cve-2014-6271-cve-2014-6277-cve-2014-6278-cve-2014-7169-cve-2014-7186-and-cve-2014-7187 ; https://nvd.nist.gov/vuln/detail/CVE-2014-6278 📊 Technical details Severity: CVSS: Vendor: 🧩 Affected products Not specified. 🚨 Recommended mitigations Update to the […]
Exploit Difficulty: HARD
âąď¸ Time to exploit: > 4 hours
đ ď¸ Required skills: Advanced security expertise
đ° Public exploits: Rare or not public
How to Fix:
- Check if you're running the affected product
- Update to the latest patched version
- If patching is not immediately possible: restrict network exposure, apply least-privilege access
- Test the fix in a staging environment first
- Review logs for signs of exploitation
- Monitor for IOCs (Indicators of Compromise)
- Enable automatic security updates
- Set up vulnerability monitoring
- Review and harden security configurations
Vendor Advisory: http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-027
Exploit Difficulty Assessment
Vulnerability Timeline
Timeline information not available for this CVE.
Detection Rules & IOCs
No specific detection rules generated for this vulnerability type.