CVE-2021-44465

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-44465

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-44465.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-44465

Aliases

BIT-odoo-2021-44465

Downstream

UBUNTU-CVE-2021-44465

Published

2023-04-25T19:15:09.727Z

Modified

2026-03-14T11:16:53.862118Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier allows authenticated attackers to subscribe to receive future notifications and comments related to arbitrary business records in the system, via crafted RPC requests.

References

https://github.com/odoo/odoo/issues/107692

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-44465.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "13.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "13.0"
            }
        ]
    }
]