What is CVE-2019-11780?

CVE-2019-11780 is a high-severity vulnerability in Odoo Community, classified under Improper Access Control. CVSS score: 8.1/10. Published 2019-12-19.

How severe is CVE-2019-11780?

High severity. CVSS v3 base score is 8.1 out of 10.

Vulnerability in Odoo Community

CVE-2019-11780

Improper access control in the computed fields system of the framework of Odoo Community 13.0 and Odoo Enterprise 13.0 allows remote authenticated attackers to access sensitive information via crafted RPC requests, which could lead to priv…

EPSS: 0.002 (43.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N.

Affected products

Odoo Community — versions 13.0
Odoo Enterprise — versions 13.0

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

github.com/odoo/odoo/issues/42196 (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-11780?: CVE-2019-11780 is a high-severity vulnerability in Odoo Community, classified under Improper Access Control. CVSS score: 8.1/10. Published 2019-12-19.
How severe is CVE-2019-11780?: High severity. CVSS v3 base score is 8.1 out of 10.