Bash security advisory CVE-2014-6271 & CVE-2014-7169 ("ShellShock")

Follow

A few days ago two related security issues affecting the bash login shell were announced. These issues are not affecting our production service. Cumulocity does not use CGI/mod_cgi and does not allow generic SSH access to production systems.

Nevertheless, we are running now the corrected, patched version of the bash shell. 

Reference: https://community.qualys.com/blogs/securitylabs/2014/09/24/bash-remote-code-execution-vulnerability-cve-2014-6271

The Cumulocity support team

Have more questions? Submit a request

Comments