{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "dateAssigned": "2017-05-06T00:00:00", "datePublic": "2017-07-13T00:00:00", "descriptions": [{"lang": "en", "value": "Akeneo PIM CE and EE <1.6.6, <1.5.15, <1.4.28 are vulnerable to shell injection in the mass edition, resulting in remote execution."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-13T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/akeneo/pim-community-dev/blob/master/CHANGELOG-1.4.md#bug-fixes"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/akeneo/pim-community-dev/blob/1.5/CHANGELOG-1.5.md#bug-fixes-2"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/akeneo/pim-community-dev/blob/master/CHANGELOG-1.6.md#bug-fixes-2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2017-05-06T20:43:28.262494", "ID": "CVE-2017-1000009", "REQUESTER": "benoit@akeneo.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Akeneo PIM CE and EE <1.6.6, <1.5.15, <1.4.28 are vulnerable to shell injection in the mass edition, resulting in remote execution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/akeneo/pim-community-dev/blob/master/CHANGELOG-1.4.md#bug-fixes", "refsource": "CONFIRM", "url": "https://github.com/akeneo/pim-community-dev/blob/master/CHANGELOG-1.4.md#bug-fixes"}, {"name": "https://github.com/akeneo/pim-community-dev/blob/1.5/CHANGELOG-1.5.md#bug-fixes-2", "refsource": "CONFIRM", "url": "https://github.com/akeneo/pim-community-dev/blob/1.5/CHANGELOG-1.5.md#bug-fixes-2"}, {"name": "https://github.com/akeneo/pim-community-dev/blob/master/CHANGELOG-1.6.md#bug-fixes-2", "refsource": "CONFIRM", "url": "https://github.com/akeneo/pim-community-dev/blob/master/CHANGELOG-1.6.md#bug-fixes-2"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-1000009", "datePublished": "2017-07-13T20:00:00", "dateReserved": "2017-07-10T00:00:00", "dateUpdated": "2017-07-13T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.0:-:*:*:enterprise:*:*:*", "matchCriteriaId": "09961B92-558C-483D-A244-F0464A6C451C", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.0:beta1:*:*:enterprise:*:*:*", "matchCriteriaId": "CA821035-E542-4557-87FB-4489470E9075", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.0:beta2:*:*:enterprise:*:*:*", "matchCriteriaId": "8DFFA9C4-75A6-4D3E-BA9E-757DCA7119EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.0:beta3:*:*:enterprise:*:*:*", "matchCriteriaId": "93F08A81-9A3F-45FC-B5F5-286EA44D12C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.0:rc1:*:*:enterprise:*:*:*", "matchCriteriaId": "B58FF996-30CA-4B9B-90B6-9711AA85238A", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.1:*:*:*:enterprise:*:*:*", "matchCriteriaId": "EEC56E78-9F76-4658-8028-887127F23915", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.2:*:*:*:enterprise:*:*:*", "matchCriteriaId": "227DFE9E-FC0D-4C16-9246-2C5DA08F3C28", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.3:*:*:*:enterprise:*:*:*", "matchCriteriaId": "D3D3B57F-AAF3-4147-89EC-5BC9DBC2FCAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.4:*:*:*:enterprise:*:*:*", "matchCriteriaId": "9E807838-7FB5-448C-8EDC-7BBB35613099", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.5:*:*:*:enterprise:*:*:*", "matchCriteriaId": "208252AB-3E3F-4FEB-BCBE-7152D85AFEC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.6:*:*:*:enterprise:*:*:*", "matchCriteriaId": "E4EE1DC6-641F-497D-AEE1-19C6016A99D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.7:*:*:*:enterprise:*:*:*", "matchCriteriaId": "417F83EC-8877-48FA-B3C2-2F73D43A3F0B", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.8:*:*:*:enterprise:*:*:*", "matchCriteriaId": "4A5E39B2-5342-4AD0-89D0-48376DFD42EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.9:*:*:*:enterprise:*:*:*", "matchCriteriaId": "99D0CEA1-EF11-4816-A5C5-4118C93D784D", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.10:*:*:*:enterprise:*:*:*", "matchCriteriaId": "3C43DF6E-665B-4A44-A799-A25B627B7629", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.11:*:*:*:enterprise:*:*:*", "matchCriteriaId": "8D657FE2-AD6D-4ACA-A460-ED11150F505D", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.12:*:*:*:enterprise:*:*:*", "matchCriteriaId": "C8C0029F-6B8A-42BF-8867-4FFE5B042800", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.13:*:*:*:enterprise:*:*:*", "matchCriteriaId": "4F8C8A10-DA74-4D2D-92D9-4FB60BE3BE30", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.14:*:*:*:enterprise:*:*:*", "matchCriteriaId": "F07EB708-5CE4-4E86-AB54-DB0D8757D026", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.15:*:*:*:enterprise:*:*:*", "matchCriteriaId": "2CDDCB42-C313-40B7-9F08-9875A553A602", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.16:*:*:*:enterprise:*:*:*", "matchCriteriaId": "6F5840C5-F733-44B7-B192-740B4189956D", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.17:*:*:*:enterprise:*:*:*", "matchCriteriaId": "DF40977C-CD1E-41F4-8EF2-8F95B0EFCD9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.18:*:*:*:enterprise:*:*:*", "matchCriteriaId": "FA720436-D6E8-4B4B-8B98-59F96D975C79", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.19:*:*:*:enterprise:*:*:*", "matchCriteriaId": "60FFB54D-9FDA-4496-AAED-787B2E7134B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.20:*:*:*:enterprise:*:*:*", "matchCriteriaId": "9DB5787D-1582-487E-B77D-579AD40AE4AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.21:*:*:*:enterprise:*:*:*", "matchCriteriaId": "5E03188B-E57E-4AAD-828A-3BDC07F1CFE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.22:*:*:*:enterprise:*:*:*", "matchCriteriaId": "094FB9DA-F337-4FD4-B4BE-7AFFC1CED00E", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.23:*:*:*:enterprise:*:*:*", "matchCriteriaId": "0817F232-9278-41AC-AB36-61138E3962B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.24:*:*:*:enterprise:*:*:*", "matchCriteriaId": "821A5ED9-7755-4D3E-86AA-8E2C315DD5A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.25:*:*:*:enterprise:*:*:*", "matchCriteriaId": "009ED22D-2AA7-4561-9763-0BE9974A5AE8", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.26:*:*:*:enterprise:*:*:*", "matchCriteriaId": "2D9B0A41-137F-4B2A-9ED5-AA5D95FCBD60", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.27:*:*:*:enterprise:*:*:*", "matchCriteriaId": "92805097-A49A-4F50-A226-544612D88918", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.0:-:*:*:enterprise:*:*:*", "matchCriteriaId": "100261A3-656B-48F2-94A7-F16CF911C7A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.0:alpha1:*:*:enterprise:*:*:*", "matchCriteriaId": "12F58CE5-87A6-46AA-A1E5-CBA7A248EE82", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.0:beta1:*:*:enterprise:*:*:*", "matchCriteriaId": "76E533B8-90C2-441F-8479-3D158857DA6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.0:rc1:*:*:enterprise:*:*:*", "matchCriteriaId": "A93343CF-131E-4A96-8652-46F27FC567DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.1:*:*:*:enterprise:*:*:*", "matchCriteriaId": "9A22EFD3-AD28-49EF-8413-9BBA9E6D87D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.2:*:*:*:enterprise:*:*:*", "matchCriteriaId": "D2C674E1-EDBA-4BC1-99C6-761207E6EEFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.3:*:*:*:enterprise:*:*:*", "matchCriteriaId": "6E9AFF7D-594C-4FA6-B176-18F38139A206", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.4:*:*:*:enterprise:*:*:*", "matchCriteriaId": "B1FB942F-AAB3-40D4-AF03-F97063A29FA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.5:*:*:*:enterprise:*:*:*", "matchCriteriaId": "245D8720-B7A2-4934-841C-6A3400C1CCC2", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.6:*:*:*:enterprise:*:*:*", "matchCriteriaId": "3E9A8E1F-A423-4872-BFC7-40B1982BCDAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.7:*:*:*:enterprise:*:*:*", "matchCriteriaId": "5F0BED3B-2BC1-4E2C-9715-4731E898455F", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.8:*:*:*:enterprise:*:*:*", "matchCriteriaId": "B11AD7D6-AE52-435F-B399-225321F2B59F", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.9:*:*:*:enterprise:*:*:*", "matchCriteriaId": "40DC79A0-3179-47A7-9A39-211620F20AE8", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.10:*:*:*:enterprise:*:*:*", "matchCriteriaId": "30ADBF8D-2DAE-4974-B922-DFDF952E15F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.11:*:*:*:enterprise:*:*:*", "matchCriteriaId": "564B0954-019C-49CF-98B5-D981D78626A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.12:*:*:*:enterprise:*:*:*", "matchCriteriaId": "FED37BF2-5ED3-469D-9A06-B36956C2364C", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.13:*:*:*:enterprise:*:*:*", "matchCriteriaId": "B010DD2A-923C-4703-BFF5-258B02B4BD5D", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.14:*:*:*:enterprise:*:*:*", "matchCriteriaId": "4A12A9FD-DF0A-4B8C-A31E-6CAC37F92020", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.6.0:-:*:*:enterprise:*:*:*", "matchCriteriaId": "6E2E597A-0FC9-4B04-8F0A-B9990308E76C", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.6.0:alpha1:*:*:enterprise:*:*:*", "matchCriteriaId": "66DC5FA1-7EDC-4929-9262-928DDA6CF06F", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.6.0:alpha2:*:*:enterprise:*:*:*", "matchCriteriaId": "D49F779B-F4F1-42B4-9CEB-C39392A178E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.6.0:rc1:*:*:enterprise:*:*:*", "matchCriteriaId": "5ECB19C4-A000-481A-9F19-E17214E78D50", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.6.1:*:*:*:enterprise:*:*:*", "matchCriteriaId": "BD38E663-DE40-4D11-9C08-DD990F1862A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.6.2:*:*:*:enterprise:*:*:*", "matchCriteriaId": "E3E240B9-671A-49F6-B28A-CCBD565D6715", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.6.3:*:*:*:enterprise:*:*:*", "matchCriteriaId": "E1878674-4340-480C-AD2A-B53BF43077D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.6.4:*:*:*:enterprise:*:*:*", "matchCriteriaId": "F0568DD4-8CDC-4743-AB67-94337DB7FA49", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.6.5:*:*:*:enterprise:*:*:*", "matchCriteriaId": "851CCFE3-C81D-4EAD-BC75-C98EF7EE9921", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.0:-:*:*:community:*:*:*", "matchCriteriaId": "D9960587-9B32-476F-B52D-BD83C21E1716", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.0:beta1:*:*:community:*:*:*", "matchCriteriaId": "5F7DBA22-D16A-4C83-AC29-A7EF5FF8177C", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.0:beta2:*:*:community:*:*:*", "matchCriteriaId": "3F65E714-010E-4300-95D5-51DAAFFCF0CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.0:beta3:*:*:community:*:*:*", "matchCriteriaId": "3F75681C-F0A9-4BD4-B4BA-6598FEEA9165", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.0:rc1:*:*:community:*:*:*", "matchCriteriaId": "A8CFD1B2-E7E5-4B59-BB0D-89EE65CA8DF9", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.1:*:*:*:community:*:*:*", "matchCriteriaId": "BFCC93EF-94B1-429B-860C-77BAFC6BC93C", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.2:*:*:*:community:*:*:*", "matchCriteriaId": "39C9005F-A2A3-418F-A941-121126A5FF1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.3:*:*:*:community:*:*:*", "matchCriteriaId": "A6C66876-5A76-4007-BDCA-E5671AEA778B", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.4:*:*:*:community:*:*:*", "matchCriteriaId": "60971CBF-D460-4B86-8C99-2492969A447A", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.5:*:*:*:community:*:*:*", "matchCriteriaId": "3A58222A-C8B2-49CD-9C63-CBE86F574170", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.6:*:*:*:community:*:*:*", "matchCriteriaId": "CF968F13-AB0A-4931-9F70-40CD20363F8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.7:*:*:*:community:*:*:*", "matchCriteriaId": "D7AC6664-697A-4AB1-A673-6B1F0843D07E", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.8:*:*:*:community:*:*:*", "matchCriteriaId": "B1A60C35-F581-4BEE-82A0-C3D3EC875161", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.9:*:*:*:community:*:*:*", "matchCriteriaId": "109BF7F8-0B55-49B5-AE5C-F5E5C6CFC7E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.10:*:*:*:community:*:*:*", "matchCriteriaId": "237C9D30-AB04-4B57-97C6-211829B6AE8B", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.11:*:*:*:community:*:*:*", "matchCriteriaId": "88EC5B83-0868-45F9-8A0A-7151E78CFDBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.12:*:*:*:community:*:*:*", "matchCriteriaId": "674C514B-7B6C-4FFF-9596-767620B81FF4", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.13:*:*:*:community:*:*:*", "matchCriteriaId": "B7DE8604-AE92-4E70-BAEA-324820E14745", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.14:*:*:*:community:*:*:*", "matchCriteriaId": "BD20E8E4-7911-4AEE-9F33-D77BE9602D89", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.15:*:*:*:community:*:*:*", "matchCriteriaId": "4636650D-0114-4931-A5B7-38A3A38047D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.16:*:*:*:community:*:*:*", "matchCriteriaId": "082BDF6C-57F3-49E9-942A-7E270B6D5DA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.17:*:*:*:community:*:*:*", "matchCriteriaId": "7B0B2FB7-768B-4F8E-AA79-AAD19F0BA0FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.18:*:*:*:community:*:*:*", "matchCriteriaId": "B7DEBC4C-8802-4B13-A63D-67AA466800DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.19:*:*:*:community:*:*:*", "matchCriteriaId": "3E4F2A3D-9725-498F-8338-5646991D3EDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.20:*:*:*:community:*:*:*", "matchCriteriaId": "575E9AE9-11D9-45D4-90CC-AEA6EC3697BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.21:*:*:*:community:*:*:*", "matchCriteriaId": "1F69ED88-DE3A-4CB9-8DE8-F31C524C5EB7", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.22:*:*:*:community:*:*:*", "matchCriteriaId": "840A87AC-B424-480D-8393-C9C764FC15A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.23:*:*:*:community:*:*:*", "matchCriteriaId": "FA533FC2-BFC5-47F8-A193-B88BD07AA54A", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.24:*:*:*:community:*:*:*", "matchCriteriaId": "7E7392B2-9F76-4AB8-A4BF-87D499A04EAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.25:*:*:*:community:*:*:*", "matchCriteriaId": "88DC1086-52A0-489A-85A4-E15BDCB46328", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.26:*:*:*:community:*:*:*", "matchCriteriaId": "0A2231ED-5A6F-4876-A988-E06AC926B298", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.4.27:*:*:*:community:*:*:*", "matchCriteriaId": "BA86E0DF-606C-4C4E-830E-023D313FD783", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.0:-:*:*:community:*:*:*", "matchCriteriaId": "7E34819C-2579-42B4-9500-F5F38F366CC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.0:alpha1:*:*:community:*:*:*", "matchCriteriaId": "8AC6A965-D44E-49C0-8341-DA511DF01D1D", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.0:beta1:*:*:community:*:*:*", "matchCriteriaId": "CD5FF35C-6058-4A57-A645-FA026036FD89", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.0:rc1:*:*:community:*:*:*", "matchCriteriaId": "B5499E66-29C2-4C82-9CEE-9F58767F8A37", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.1:*:*:*:community:*:*:*", "matchCriteriaId": "11965034-B4A7-469A-969C-C93165857531", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.2:*:*:*:community:*:*:*", "matchCriteriaId": "67384E45-D2CF-4923-96E4-EC23C10D4F56", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.3:*:*:*:community:*:*:*", "matchCriteriaId": "DA9819BE-A491-4837-927F-2A5045ECB1F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.4:*:*:*:community:*:*:*", "matchCriteriaId": "9F018372-119B-4678-B747-7E66C62E199E", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.5:*:*:*:community:*:*:*", "matchCriteriaId": "193C3E63-4F82-4F25-8D0D-F5CC4F70DC51", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.6:*:*:*:community:*:*:*", "matchCriteriaId": "8D533299-AC08-44C1-AF13-D7C422911BF8", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.7:*:*:*:community:*:*:*", "matchCriteriaId": "F09157D5-C7BD-431B-A463-D0A2E7C49EBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.8:*:*:*:community:*:*:*", "matchCriteriaId": "F7BB1F44-A29F-4E57-898C-F973BA1B60CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.9:*:*:*:community:*:*:*", "matchCriteriaId": "5914A9A1-EFEB-4C4E-960D-556F460D04E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.10:*:*:*:community:*:*:*", "matchCriteriaId": "585D769B-004E-4C9F-AE5E-62A3C90E2BA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.11:*:*:*:community:*:*:*", "matchCriteriaId": "CD9A26F6-07F1-4254-A7F1-C3800016DEB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.12:*:*:*:community:*:*:*", "matchCriteriaId": "24CD93D3-CEFD-4355-9472-14BE3A0A474E", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.13:*:*:*:community:*:*:*", "matchCriteriaId": "EEB33E72-5AEC-4171-AC7A-9FBD5E58FD09", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.5.14:*:*:*:community:*:*:*", "matchCriteriaId": "AFD37A1E-5921-415E-9A15-AB6B6832FBFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.6.0:-:*:*:community:*:*:*", "matchCriteriaId": "4B04A28D-0266-4F29-8711-9E63EC31DB21", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.6.0:alpha1:*:*:community:*:*:*", "matchCriteriaId": "4C14D67E-3856-48B7-9029-0BF99DE6A99A", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.6.0:alpha2:*:*:community:*:*:*", "matchCriteriaId": "CE295B81-9AD3-4105-BA38-8CADAB788513", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.6.0:rc1:*:*:community:*:*:*", "matchCriteriaId": "7303C2BB-134E-448B-9820-27DC2184C4A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.6.1:*:*:*:community:*:*:*", "matchCriteriaId": "52BD18BE-1347-4A22-BA20-1E76B3F285AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.6.2:*:*:*:community:*:*:*", "matchCriteriaId": "A04D2731-6864-4F9F-8D48-F35C2BD48A82", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.6.3:*:*:*:community:*:*:*", "matchCriteriaId": "8DDFF87C-BE90-42DA-A8B8-00B4858B2A57", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.6.4:*:*:*:community:*:*:*", "matchCriteriaId": "64BE2FD4-CD98-4B80-87D4-8C5663E7BEEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:akeneo:product_information_management:1.6.5:*:*:*:community:*:*:*", "matchCriteriaId": "672EBFE9-2DAF-46E4-ABAE-DBA242995E4F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Akeneo PIM CE and EE <1.6.6, <1.5.15, <1.4.28 are vulnerable to shell injection in the mass edition, resulting in remote execution."}, {"lang": "es", "value": "CE y EE anterior a versiones 1.6.6, 1.5.15, 1.4.28 de Akeneo PIM son vulnerables a la inyecci\u00f3n shell en la edici\u00f3n masiva, resultando en una ejecuci\u00f3n remota."}], "id": "CVE-2017-1000009", "lastModified": "2020-08-05T16:52:05.617", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-07-17T13:18:16.187", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Release Notes", "Third Party Advisory"], "url": "https://github.com/akeneo/pim-community-dev/blob/1.5/CHANGELOG-1.5.md#bug-fixes-2"}, {"source": "cve@mitre.org", "tags": ["Patch", "Release Notes", "Third Party Advisory"], "url": "https://github.com/akeneo/pim-community-dev/blob/master/CHANGELOG-1.4.md#bug-fixes"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Patch", "Third Party Advisory"], "url": "https://github.com/akeneo/pim-community-dev/blob/master/CHANGELOG-1.6.md#bug-fixes-2"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}