CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-14885

Incorrect access control in the database manager component in Odoo Community 10.0 and 11.0 and Odoo Enterprise 10.0 and 11.0 allows a remote attacker to restore a database dump without knowing the super-admin password. An arbitrary password succeeds.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 71.7%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/odoo/odoo/commits/master
https://github.com/odoo/odoo/issues/32512
https://github.com/odoo/odoo/commits/master
https://github.com/odoo/odoo/issues/32512

Products affected by CVE-2018-14885

Odoo » Odoo » Version: 10.0

cpe:2.3:a:odoo:odoo:10.0
Odoo » Odoo » Version: 11.0

cpe:2.3:a:odoo:odoo:11.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-14885

Products

Pricing

Contact Us