CVE-2018-14863

Incorrect access control in the RPC framework in Odoo Community 8.0 through 11.0 and Odoo Enterprise 9.0 through 11.0 allows authenticated users to call private functions via RPC.
References
Link Resource
https://github.com/odoo/odoo/issues/32508 Patch Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:odoo:odoo:9.0:*:*:*:community:*:*:*
cpe:2.3:a:odoo:odoo:9.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:odoo:odoo:10.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:odoo:odoo:10.0:*:*:*:community:*:*:*
cpe:2.3:a:odoo:odoo:11.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:odoo:odoo:11.0:*:*:*:community:*:*:*

Information

Published : 2019-07-03 07:15

Updated : 2019-07-05 06:15


NVD link : CVE-2018-14863

Mitre link : CVE-2018-14863

Products Affected
No products.
CWE