Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-11785

Improper access control in mail module (followers) in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote authenticated users to obtain access to messages posted on business records there were not given access to, and subscribe to receive future messages.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.9%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
Products affected by CVE-2019-11785
  • Odoo » Odoo » Version: 10.0
    cpe:2.3:a:odoo:odoo:10.0
  • Odoo » Odoo » Version: 11.0
    cpe:2.3:a:odoo:odoo:11.0
  • Odoo » Odoo » Version: 12.0
    cpe:2.3:a:odoo:odoo:12.0
  • Odoo » Odoo » Version: 13.0
    cpe:2.3:a:odoo:odoo:13.0
  • Odoo » Odoo » Version: 8.0
    cpe:2.3:a:odoo:odoo:8.0
  • Odoo » Odoo » Version: 9.0
    cpe:2.3:a:odoo:odoo:9.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved