Bash Command Injection Vulnerability (Shellshock Bug)

Summary

Acunetix 360 identified the Bash Command Injection Vulnerability (Shellshock Bug) in the target web server.

The Shellshock bug allows attackers to execute arbitrary commands on the target system. This vulnerability is known to exploit widely and should be addressed as soon as possible.

Impact

An attacker can execute arbitrary commands on the system.

Remediation

Upgrade your system by following these instructions

Severity

Critical

Classification

PCI v3.2-6.5.1 CAPEC-88 CWE-78 HIPAA-164.306(a) 164.308(a) ISO27001-A.14.2.5 WASC-31 OWASP 2013-A1 OWASP 2017-A9 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C