← voltar
CVE-2024-8584

LEARNING DIGITAL Orca HCM - Missing Authentication

CVSS 9.8 CRITICALEPSS 0.7%CWE-306
Orca HCM from LEARNING DIGITAL has an Missing Authentication vulnerability, allowing unauthenticated remote attacker to exploit this functionality to create an account with administrator privilege and subsequently use it to log in.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
LEARNING DIGITAL · Orca HCM

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.twcert.org.tw/en/cp-139-8040-948ef-2.htmlhttps://www.twcert.org.tw/tw/cp-132-8039-24e48-1.html