CSV Export Vulnerability in Odoo Community and Enterprise 10.0 and 11.0: Unauthorized Access to Hashed Passwords

CSV Export Vulnerability in Odoo Community and Enterprise 10.0 and 11.0: Unauthorized Access to Hashed Passwords

CVE-2018-14861 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Improper data access control in Odoo Community 10.0 and 11.0 and Odoo Enterprise 10.0 and 11.0 allows authenticated users to perform a CSV export of the secure hashed passwords of other users.

Learn more about our User Device Pen Test.