CVE-2025-37184

Name of the Vulnerable Software and Affected Versions Orchestrator (affected versions not specified)

Description A flaw exists in the Orchestrator service that may allow a remote attacker who does not have an account to circumvent multi-factor authentication. Exploitation of this issue could lead to the creation of an administrator-level user account without the required multi-factor authentication, potentially compromising secure access to the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.