BIT-odoo-2021-23176
See a problem?- Import Source
- https://github.com/bitnami/vulndb/tree/main/data/odoo/BIT-odoo-2021-23176.json
- JSON Data
- https://api.osv.dev/v1/vulns/BIT-odoo-2021-23176
- Aliases
- Published
- 2024-03-06T11:01:37.700Z
- Modified
- 2024-03-06T11:25:28.861Z
- Summary
- [none]
- Details
-
Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets.
- Database specific
{ "cpes": [ "cpe:2.3:a:odoo:odoo:*:*:*:*:community:*:*:*", "cpe:2.3:a:odoo:odoo:*:*:*:*:enterprise:*:*:*" ], "severity": "Medium" }- References
Affected packages
Bitnami / odoo
Package
- Name
- odoo
- Purl
- pkg:bitnami/odoo
Severity
- 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator