Improper access control in the computed fields system of the framework of Odoo Community 13.0 and Odoo Enterprise 13.0 allows remote authenticated attackers to access sensitive information via crafted RPC requests, which could lead to privilege escalation.
References
Link | Resource |
---|---|
https://github.com/odoo/odoo/issues/42196 | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: odoo
Published: 2019-12-19T15:50:12
Updated: 2019-12-19T15:50:12
Reserved: 2019-05-06T00:00:00
Link: CVE-2019-11780
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-12-19T16:16:42.370
Modified: 2021-11-02T19:14:20.240
Link: CVE-2019-11780
JSON object: View
Redhat Information
No data.
CWE