CVE-2018-14861

Improper data access control in Odoo Community 10.0 and 11.0 and Odoo Enterprise 10.0 and 11.0 allows authenticated users to perform a CSV export of the secure hashed passwords of other users.
References
Link Resource
https://github.com/odoo/odoo/issues/32506 Patch Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:odoo:odoo:11.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:odoo:odoo:10.0:*:*:*:community:*:*:*
cpe:2.3:a:odoo:odoo:10.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:odoo:odoo:11.0:*:*:*:community:*:*:*

Information

Published : 2019-07-03 12:15

Updated : 2020-08-24 10:37


NVD link : CVE-2018-14861

Mitre link : CVE-2018-14861


JSON object : View

CWE
CWE-732

Incorrect Permission Assignment for Critical Resource

Advertisement

dedicated server usa

Products Affected

odoo

  • odoo