<img alt="" src="https://secure.ruth8badb.com/159331.png" style="display:none;">
Cimpl Blog

Cimpl Blog

Your Weekly Insights on How to Manage your Enterprise Digital Footprint.

Dear Customers: Cimpl is not vulnerable to the shellshock bug

Posted by Henry Cheang | September 25, 2014 5:00 PM

The Shellshock Bug is in ALL the news today...

There is a lot of news about the so-called Shellshock bug that’s hitting the media today. BBC News, CTV News, and CBC News, among many others have been alerting its readers about this latest vulnerability. However, before we get to that, let me emphatically state something:


Etelesolv is not vulnerable to the Shellshock Bug!


What is the Shellshock bug?

Now that we’ve gotten that critical statement out of the way, it’s time we do what we do best – provide clarity and transparency on crucial data!

To summarize, the Shellshock vulnerability, or more formally, the “GNU Bourne Again Shell (Bash) ‘Shellshock’ Vulnerability (CVE-2014-6271, CVE-2014-7169)” is a critical vulnerability that impacts the following operating systems/shells:

  • GNU Bash through 4.3.
  • Linux, BSD, and UNIX distributions including but not limited to:
    • CentOS 5 through 7
    • Debian
    • Mac OS X
    • Red Hat Enterprise Linux 4 through 7
    • Ubuntu 10.04 LTS, 12.04 LTS, and 14.04 LTS

Among the reasons for which the Shellshock bug is making such a big media splash is because the US Department of Homeland Security issued an alert on the bug. Other reasons include the fact that:

  • Hackers using this exploit can take complete control of vulnerable machines
  • This bug’s impact has been classified as “high” by industry standards (i.e., the risk that it poses is high!)
  • Literally hundreds of millions of machines are at risk!

Currently, patches have been released to plug the vulnerability, but the patches do not necessarily fix the entire problem! Basically, if you’re using the above-listed systems (or network vectors from the vendors on this list), go to their respective websites/communities to see what patches or workarounds have been created! And be sure to check regularly for updates!

Why Cimpl is safe from the Shellshock bug!

Vincent Parisien, Vice-President of Technology for Cimpl, supplies the answer: “Cimpl’s products are built on Microsoft platforms, and hence not impacted by this exploit. More to the point, we’re constantly applying vendor security patches and verifying our products and security features to ensure that our products are thoroughly safeguarded. We deeply cherish our customers’ faith in us, and we do everything we can to continuously uphold that trust!”

A few quick final words

Cimpl is Canada’s leader in IT andtelecom expense management. We attained this position because we build the finest software products and because we’re constantly on the lookout for the latest developments, both in terms of forward-looking technology AND in terms of ways of warding off threats! Contact us to find out more!

New Call-to-action


Related articles:



Topics: Security, Tips and Tricks, Customers

Written by Henry Cheang

Henry is a dedicated technical writer, focused on conducting market research, contributing to product design, and writing clear and concise documentation for the company. He is an enthusiastic team member and is passionate about science and technology, who plays a key role in Cimpl’s product messaging. His dedication to writing is reflected in his experience in authoring academic papers, documentation, user guides, and in contributing to Cimpl’s marketing efforts.

Subscribe to our Blog

Follow Us!

2019 Product Roadmap Webinar
What is WEM? ePaper
What is UCCEM?