CVE-2021-23176

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-23176

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-23176.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-23176

Aliases

BIT-odoo-2021-23176

Downstream

DEBIAN-CVE-2021-23176

DSA-5399-1

UBUNTU-CVE-2021-23176

Published

2023-04-25T19:15:09Z

Modified

2025-06-04T17:00:22Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets.

References

Affected packages