Описание
Incorrect access control in the Password Encryption module in Odoo Community 9.0 and Odoo Enterprise 9.0 allows authenticated users to change the password of other users without knowing their current password via a crafted RPC call.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| odoo | not-affected | package |
Примечания
https://github.com/odoo/odoo/issues/32507
EPSS
Процентиль: 41%
0.0019
Низкий
Связанные уязвимости
CVSS3: 6.5
nvd
больше 6 лет назад
Incorrect access control in the Password Encryption module in Odoo Community 9.0 and Odoo Enterprise 9.0 allows authenticated users to change the password of other users without knowing their current password via a crafted RPC call.
github
больше 3 лет назад
Incorrect access control in the Password Encryption module in Odoo Community 9.0 and Odoo Enterprise 9.0 allows authenticated users to change the password of other users without knowing their current password via a crafted RPC call.
EPSS
Процентиль: 41%
0.0019
Низкий