Skip Ribbon Commands
Skip to main content
Navigate Up
Sign In

Quick Launch

Average Rating:

(2 Ratings)
facebook Twitter
Email
Print Bookmark Alert me when this article is updated

Feedback

FAQ: What Informatica products are affected by the GNU bash security vulnerability CVE-2014-6271 and CVE-2014-7169, Shellshock bug?
Answer
This article discusses the status of the vulnerabilities discovered in the GNU bash shell on UNIX/Linux and OS X operating systems, commonly known as Shellshock bug. Refer to the following links for more information:
 
 
 
As Informatica products do not use Apple OS X, this article discusses the impact on UNIX/Linux OS.
 
Informatica products have been reviewed for impact of this issue. Informatica products and the impact for each of those are listed below.
 
The Informatica software and versions that make command-line calls through bash are listed in this article. If you are running any software on this list, you must apply your OS vendors’ bash patch immediately to close any potential attacks through this vulnerability. Otherwise, if you are not running software on this list, you are still encouraged to apply OS patches to ensure your environment is secure of this vulnerability.
 
Contact the OS vendor to obtain further details about the specifics on the patches involved.
 

Product

Affected

Patch / Remediation

PowerCenter, Data Quality, Data Explorer, PowerCenter Express, Data services, Metadata Manager, Business Glossary
Yes – Can issue shell commands.
Allows to issue shell commands as pre-/post-processing steps. Customers should apply OS patch immediately. Else no direct impact. 
PowerExchange Mainframe, CDC
No
No direct impact. Informatica recommends customers to apply OS patch to all machines with Informatica product installed.
 
Ultra Messaging, Vibe Data Stream
No
No direct impact. Informatica recommends customers to apply OS patch to all machines with Informatica product installed.
 
Informatica Data Replication, Informatica Fast Clone
No
No direct impact. Informatica recommends customers to apply OS patch to all machines with Informatica product installed.
B2B Data Exchange, Data Integration Hub
Yes
Data Exchange and DIH invoke command-line executables and call bash on Red Hat Linux. Red Hat customers must apply OS patch.  Other OS customers still recommended to apply OS patch.
B2B Data Transformation, Unstructured Data Transformation, HParser, Atlantic
No
No direct impact. Informatica recommends customers to apply OS patch to all machines with Informatica product installed.
Data Archive, Dynamic Data Masking, Informatica Data Vault, Test Data Management
No
No direct impact. Informatica recommends customers to apply OS patch to all machines with Informatica product installed.
SAP Nearline
No
No direct impact. Informatica recommends customers to apply OS patch to all machines with Informatica product installed.
 
Master Data Management, Informatica Identity Resolution
No
No direct impact. Informatica recommends customers to apply OS patch to all machines with Informatica product installed.
 
PIM, Media Manager
Only Media Manager
Media Manager makes command line calls, must apply OS patch immediately.
ActiveVOS
No
No direct impact on on-premise ActiveVOS product. Cloud-realtime has already been patched.

Cloud/ICS
Patched
 
Informatica-hosted environment has already been patched. Downloadable Cloud agent – no direct impact. 
Informatica recommends customers  to apply OS patch to all machines running Cloud agent.
 
Springbok
Patched
Informatica-hosted only. Informatica-hosted environment has already been patched.
 
Address Doctor
Patched
AD services run on Windows only and are not affected.  Procurement service runs on Linux and is already patched.
 
StrikeIron
Not affected
Strikeiron hosted services run on Windows only and are not affected.  Custom integrations running on AWS have already been patched.

More Information

Applies To
Product: PowerCenter
Problem Type:
User Type:
Project Phase:
Product Version:
Database:
Operating System:
Other Software:

Reference

Attachments

Last Modified Date:10/5/2014 8:43 PMID:301574
People who viewed this also viewed

Feedback

Did this KB document help you?



What can we do to improve this information (2000 or fewer characters)