Описание
Improper access control in the computed fields system of the framework of Odoo Community 13.0 and Odoo Enterprise 13.0 allows remote authenticated attackers to access sensitive information via crafted RPC requests, which could lead to privilege escalation.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
8.1 High
CVSS3
5.5 Medium
CVSS2
Дефекты
Связанные уязвимости
Improper access control in the computed fields system of the framework of Odoo Community 13.0 and Odoo Enterprise 13.0 allows remote authenticated attackers to access sensitive information via crafted RPC requests, which could lead to privilege escalation.
Improper access control in the computed fields system of the framework ...
Improper access control in the computed fields system of the framework of Odoo Community 13.0 and Odoo Enterprise 13.0 allows remote authenticated attackers to access sensitive information via crafted RPC requests, which could lead to privilege escalation.
Уязвимость CRM-системы Odoo Community Edition и ERP-системы Odoo Enterprise Edition, связанная с ошибками обработки несохраненных вычисляемых полей от имени суперпользователя, позволяющая нарушителю повысить свои привилегии
EPSS
8.1 High
CVSS3
5.5 Medium
CVSS2