{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T11:14:19.707","vulnerabilities":[{"cve":{"id":"CVE-2019-11780","sourceIdentifier":"security@odoo.com","published":"2019-12-19T16:16:42.370","lastModified":"2024-11-21T04:21:46.750","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper access control in the computed fields system of the framework of Odoo Community 13.0 and Odoo Enterprise 13.0 allows remote authenticated attackers to access sensitive information via crafted RPC requests, which could lead to privilege escalation."},{"lang":"es","value":"Un control de acceso inapropiado en el sistema de campos computarizados del framework de Odoo Community versión 13.0 y Odoo Enterprise versión 13.0, permite a atacantes autenticados remotos acceder a información confidencial por medio de peticiones RPC diseñadas, lo que podría conllevar a una escalada de privilegios."}],"metrics":{"cvssMetricV31":[{"source":"security@odoo.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:N","baseScore":5.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security@odoo.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:odoo:odoo:13.0:*:*:*:community:*:*:*","matchCriteriaId":"4CE8B4A3-0EA3-4813-A511-16FB7D2B06AF"},{"vulnerable":true,"criteria":"cpe:2.3:a:odoo:odoo:13.0:*:*:*:enterprise:*:*:*","matchCriteriaId":"FDDB70FB-2B58-42B4-96CB-D8C8C152A6A7"}]}]}],"references":[{"url":"https://github.com/odoo/odoo/issues/42196","source":"security@odoo.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/odoo/odoo/issues/42196","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}}]}