Vulnerabilities > CVE-2024-12368 - Unspecified vulnerability in Odoo 15.0

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

odoo

NVD

Published: 2025-02-25

Updated: 2025-02-28

Summary

Improper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0 allows an internal user to export the OAuth tokens of other users.

Vulnerable Configurations

Part	Description	Count
Application	Odoo Odoo Odoo 15.0	2

References

https://github.com/odoo/odoo/issues/193854