What is CVE-2014-3556?

CVE-2014-3556 is a vulnerability in F5 Nginx, classified under Command Injection. Published 2014-12-29.

Is CVE-2014-3556 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in F5 Nginx

CVE-2014-3556

The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert command…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.482 (97.8th percentile) — read the EPSS interpretation.

Affected products

F5 Nginx
N/a — versions n/a

Weakness classification (CWE)

CWE-77 — Command Injection

Public proof-of-concept exploits

References

HPSBOV03227 (x_refsource_HP, vendor-advisory, Third Party Advisory, Issue Tracking)
secalert@redhat.com (x_refsource_CONFIRM, Third Party Advisory, Issue Tracking)
[nginx-announce] 20140805 nginx security advisory (CVE-2014-3556) (Vendor Advisory, mailing-list, x_refsource_MLIST, Patch)
secalert@redhat.com (x_refsource_CONFIRM, Patch, Vendor Advisory)

Frequently asked questions

What is CVE-2014-3556?: CVE-2014-3556 is a vulnerability in F5 Nginx, classified under Command Injection. Published 2014-12-29.
Is CVE-2014-3556 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.