EUVD-2021-31302

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Improper access control in Odoo allows attackers to subscribe to notifications about business records.

Reporter	Title	Published	Views	Family All 15
Circl	CVE-2021-44465	25 Apr 202322:25	–	circl
CNNVD	Odoo 安全漏洞	25 Apr 202300:00	–	cnnvd
CNVD	Odoo Access Control Issue Vulnerability	26 May 202300:00	–	cnvd
CVE	CVE-2021-44465	25 Apr 202318:33	–	cve
Cvelist	CVE-2021-44465	25 Apr 202318:33	–	cvelist
Debian CVE	CVE-2021-44465	25 Apr 202318:33	–	debiancve
NVD	CVE-2021-44465	25 Apr 202319:15	–	nvd
OSV	BIT-ODOO-2021-44465	6 Mar 202411:00	–	osv
OSV	UBUNTU-CVE-2021-44465	25 Apr 202319:15	–	osv
Prion	Improper access control	25 Apr 202319:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "a2eaf87d-98d6-3d51-bfb7-07cac9aad319",
        "vendor": {
          "name": "Odoo"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "b671e58c-3aaa-3dcf-82ab-f52f021d7f7c",
        "product": {
          "name": "Odoo Community"
        },
        "product_version": "0 ≤13.0"
      },
      {
        "id": "bf082625-44e2-3d90-8327-2b34628641a1",
        "product": {
          "name": "Odoo Enterprise"
        },
        "product_version": "0 ≤13.0"
      }
    ]
  }
]

Source	Link
github	www.github.com/odoo/odoo/issues/107692

03 Oct 2025 20:07Current

5.4Medium risk

Vulners AI Score5.4

CVSS 35.3

CVSS 3.14.3

EPSS0.00153

SSVC