← volver
CVE-2024-8584

LEARNING DIGITAL Orca HCM - Missing Authentication

CVSS 9.8 CRITICALEPSS 0.7%CWE-306
Orca HCM from LEARNING DIGITAL has an Missing Authentication vulnerability, allowing unauthenticated remote attacker to exploit this functionality to create an account with administrator privilege and subsequently use it to log in.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Productos afectados
LEARNING DIGITAL · Orca HCM

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.twcert.org.tw/en/cp-139-8040-948ef-2.htmlhttps://www.twcert.org.tw/tw/cp-132-8039-24e48-1.html