You may have heard about a remote exploit vulnerability that affects computers and devices running derivatives of UNIX (which includes OS X and most builds of Linux) that implement a Bash shell—known to some as a Command Line or Terminal.
The exploit enables a server accessed remotely to be fully controlled via a simple script, bypassing all security
Is Percussion Vulnerable to Shellshock?
Percussion CMS can be installed on servers that run Linux and other Unix-derived server operating systems, but is not inherently susceptible to this type of attack, which targets the operating system itself rather than applications running on it.
The Rapid7 blog has a great post on what types of devices are most vulnerable.
How Can You Protect Yourself?
While any Unix-derived operating systems running Bash shell are susceptible to this exploit, customers should move rapidly to insure in particular that any Internet-facing servers are immediately patched against this vulnerability.
Responding quickly to this potential risk by deploying the appropriate patches will ensure that servers are protected against being exploited.
Each customer should check with their internal IT team better understand whether their server environments are at risk, and how to prevent an attack.
