CVE-2018-15632

Improper input validation in database creation logic in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to initialize an empty database on which they can connect with default credentials.
References
Link Resource
https://github.com/odoo/odoo/issues/63700 Patch Third Party Advisory
https://github.com/odoo/odoo/issues/63700 Patch Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:odoo:odoo:*:*:*:*:community:*:*:*
cpe:2.3:a:odoo:odoo:*:*:*:*:enterprise:*:*:*

History

21 Nov 2024, 03:51

Type Values Removed Values Added
References () https://github.com/odoo/odoo/issues/63700 - Patch, Third Party Advisory () https://github.com/odoo/odoo/issues/63700 - Patch, Third Party Advisory

Information

Published : 2020-12-22 17:15

Updated : 2024-11-21 03:51


NVD link : CVE-2018-15632

Mitre link : CVE-2018-15632

CVE.ORG link : CVE-2018-15632


JSON object : View

Products Affected

odoo

  • odoo
CWE
CWE-20

Improper Input Validation