Learning Digital · Orca Hcm · CVE-2024-8584
Name of the Vulnerable Software and Affected Versions:
Orca HCM from LEARNING DIGITAL (affected versions not specified)
Description:
The issue is related to a missing authentication vulnerability, allowing an unauthenticated remote attacker to exploit the functionality and create an account with administrator privileges, subsequently using it to log in. This vulnerability enables unauthorized access, risking administrator account creation and access by remote attackers.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.