CVE-2018-15632
8.2
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Summary
Improper input validation in database creation logic in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to initialize an empty database on which they can connect with default credentials.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Odoo | Odoo Community | unspecified <= 11.0 | affected |
| Odoo | Odoo Enterprise | unspecified <= 11.0 | affected |
Weaknesses
- CWE-20: CWE-20 Improper Input Validation
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.