| TVN ID | TVN-202409001 |
|---|---|
| CVE ID | CVE-2024-8584 |
| CVSS | 9.8 (Critical) CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Affected Products | Orca HCM before version 11.0 |
| Description | Orca HCM from Learning Digital has an Missing Authentication vulnerability, allowing unauthenticated remote attacker to exploit this functionality to create an account with administrator privilege and subsequently use it to log in. |
| Solution | For standard user, please update to version 11.0 or later. For customized user, please contact the vendor for updates. |
| Credit | YinJhang Chen,ChunHao Yang(CHT Security) |
| Public Date | 2025-02-17 |
:::