CRITICALπŸ‡΅πŸ‡± Wersja polska

CVE-2018-15632

CVSS 9.1v3.1pub. 2020-12-22upd. 2024-11-21

Improper input validation in database creation logic in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to initialize an empty database on which they can connect with default credentials.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
  • Odoo

    APP
    Odoo
    ≀ 11.0
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2021-44547CRITICAL9.1ten sam produkt

A sandboxing issue in Odoo Community 15.0 and Odoo Enterprise 15.0 allows authenticated administrators to exec...

CVE-2018-14860CRITICAL9.1ten sam produkt

Improper sanitization of dynamic user expressions in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 ...

CVE-2018-14885CRITICAL9.8ten sam produkt

Incorrect access control in the database manager component in Odoo Community 10.0 and 11.0 and Odoo Enterprise...

CVE-2017-10804CRITICAL9.8ten sam produkt

In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, remote attackers c...

CVE-2024-12368HIGH8.1ten sam produkt

Improper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0 allows an int...

CVE-2018-15632 β€” Odoo β€” CRITICAL β€” CVSS 9.1 | CVEbaza.pl