CVE-2018-15632

CVSS 8.2 HIGHEPSS 1.2%CWE-20

Improper input validation in database creation logic in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to initialize an empty database on which they can connect with default credentials.

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

Produtos afetados

Odoo · Odoo Community Odoo · Odoo Enterprise

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/odoo/odoo/issues/63700