CVE-2018-15632

CVSS 8.2 HIGHEPSS 1.2%CWE-20

Improper input validation in database creation logic in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to initialize an empty database on which they can connect with default credentials.

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

Productos afectados

Odoo · Odoo Community Odoo · Odoo Enterprise

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/odoo/odoo/issues/63700