Lucene search
OdooCVE-2021-44547HistoryApr 25, 2023 - 7:15 p.m.
CVE-2021-44547
2023-04-2519:15:09
CWE-267
odoo
web.nvd.nist.gov
43
cve
2021
44547
odoo
community
enterprise
sandboxing
arbitrary code execution
privilege escalation
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
AI Score
9.1
Confidence
High
EPSS
0.001
Percentile
33.3%
A sandboxing issue in Odoo Community 15.0 and Odoo Enterprise 15.0 allows authenticated administrators to executed arbitrary code, leading to privilege escalation.
Affected configurations
Node
odooodooRange≤15.0community
ORodooodooRange≤15.0enterprise
CNA Affected
[
{
"vendor": "Odoo",
"product": "Odoo Community",
"defaultStatus": "unaffected",
"versions": [
{
"version": "15.0",
"status": "affected"
}
]
},
{
"vendor": "Odoo",
"product": "Odoo Enterprise",
"defaultStatus": "unaffected",
"versions": [
{
"version": "15.0",
"status": "affected"
}
]
}
]References
Related
prion
prion
Privilege escalation
2023-04-25 19:15:00
osv
osv
BIT-odoo-2021-44547
2024-03-06 10:59:43
cvelist
cvelist
CVE-2021-44547
2023-04-25 18:33:42
nvd
nvd
CVE-2021-44547
2023-04-25 19:15:09
ubuntucve
ubuntucve
CVE-2021-44547
2023-04-25 00:00:00
vulnrichment
vulnrichment
CVE-2021-44547
2023-04-25 18:33:42
debiancve
debiancve
CVE-2021-44547
2023-04-25 19:15:09
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
AI Score
9.1
Confidence
High
EPSS
0.001
Percentile
33.3%
Related for CVE-2021-44547