The Impact of GNU Bash ShellShock Vulnerability on EMC Isilon OneFS

The ShellShock vulnerability (CVE-2014-6271 & CVE-2014-7169) affects GNU Bash in a way that could allow an unauthenticated remote attacker to inject arbitrary commands on a targeted system. Following the release of this vulnerability, EMC immediately initiated a review of EMC Information Infrastructure products to assess any potential impact.

For the most up-to-date information about the impact of the ShellShock vulnerability and EMC Isilon OneFS and other EMC products, see the following knowledgebase article:

Bash Code Injection Vulnerability (ShellShock/BashBug) in EMC products (192608)

EMC will continue to update information as review and remediation continues through standard customer communication channels (including Security Advisories).

You can also refer to the EMC Product Security Blog on this topic for more information.


About the Author: Kirsten Gantenbein