admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2018/CVE-2018-148xx/CVE-2018-14859.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

130 lines
4.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2018-14859",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-07-03T20:15:10.777",
"lastModified": "2019-07-10T18:53:27.127",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Incorrect access control in the password reset component in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows authenticated users to reset the password of other users by being the first party to use the secure token."
},
{
"lang": "es",
"value": "El control de acceso incorrecto en el componente de restablecimiento de contrase\u00f1a en Odoo Community versi\u00f3n 11.0 y versiones anteriores y Odoo Enterprise versi\u00f3n 11.0 y versiones anteriores permite a los usuarios autenticados restablecer la contrase\u00f1a de otros usuarios al ser la primera persona en utilizar el token seguro."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 5.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:odoo:odoo:9.0:*:*:*:community:*:*:*",
"matchCriteriaId": "C3F9E8F1-FAF7-44AE-8D05-BE717D247EDE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:odoo:odoo:9.0:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "167C709E-C8B2-4CCB-963E-E1D8C664190A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:odoo:odoo:10.0:*:*:*:community:*:*:*",
"matchCriteriaId": "C52F2EEB-11E5-49E8-AD06-3014FF2C2D24"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:odoo:odoo:10.0:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "A4405E54-6C16-49D5-B632-3D72091B2FEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:odoo:odoo:11.0:*:*:*:community:*:*:*",
"matchCriteriaId": "38424B03-4121-4A79-8E4E-4CB4DCD3E4A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:odoo:odoo:11.0:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "1298CF62-A06E-48AD-8141-0541DE3F6381"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/odoo/odoo/issues/32510",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink