admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2018/15xxx/CVE-2018-15632.json
CVE Team 4bfe59104e
"-Synchronized-Data."
2020-12-22 17:01:52 +00:00

100 lines
3.2 KiB
JSON
Raw Blame History

{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-15632",
"ASSIGNER": "security@odoo.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Odoo Community",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "11.0"
}
]
}
},
{
"product_name": "Odoo Enterprise",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "11.0"
}
]
}
}
]
},
"vendor_name": "Odoo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "P. Valov (SoCyber)"
}
],
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper input validation in database creation logic in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to initialize an empty database on which they can connect with default credentials."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": " CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://github.com/odoo/odoo/issues/63700",
"name": "https://github.com/odoo/odoo/issues/63700"
}
]
},
"source": {
"advisory": "ODOO-SA-2020-12-02",
"discovery": "EXTERNAL"
}
}
Reference in New Issue View Git Blame Copy Permalink