Impact of the GNU Bash ShellShock Vulnerability on EMC/RSA products

The ShellShock vulnerability (CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169CVE-2014-7186 & CVE-2014-7187) affects GNU Bash that could allow an unauthenticated remote attacker to inject arbitrary commands on a targeted system. Following the release of this vulnerability, we immediately initiated a review of EMC Information Infrastructure and RSA products to assess any potential impact.

We have published Knowledgebase articles on our customer accessible support websites that reflect the most up to date information from our review along with remediation plans, where needed:

We will continue to update the information as our review and remediation continues using our standard customer communication channels (including Security Advisories).

Please refer to these articles and direct any inquiries to EMC or RSA Support.

About the Author: Reeny Sondhi