Database Dump Restoration Vulnerability in Odoo Community and Enterprise 10.0 and 11.0

Database Dump Restoration Vulnerability in Odoo Community and Enterprise 10.0 and 11.0

CVE-2018-14885 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Incorrect access control in the database manager component in Odoo Community 10.0 and 11.0 and Odoo Enterprise 10.0 and 11.0 allows a remote attacker to restore a database dump without knowing the super-admin password. An arbitrary password succeeds.

Learn more about our Web Application Penetration Testing UK.