Vulnerabilities > CVE-2024-8584 - Unspecified vulnerability in Learningdigital Orca HCM
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Orca HCM from LEARNING DIGITAL does not properly restrict access to a specific functionality, allowing unauthenticated remote attacker to exploit this functionality to create an account with administrator privilege and subsequently use it to log in. ( The vendor is currently addressing the vulnerability. Once the fix is completed, we will provide information on the affected versions.)
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |