Primary

Context

Orca HCM Improper Authentication Vulnerability

Vulnerability

Patched

A vulnerability allowing improper authentication has been identified in Orca HCM by Learning Digital, affecting versions prior to 11.0. This vulnerability enables unauthenticated remote attackers to log into the system as any user.

Impact

Exploitation of this vulnerability allows for unauthorized access to the system, with the attacker able to log in as any user.

Remediation

Users of standard Orca HCM should update to version 11.0 or later. Customized users should contact the vendor for updates.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

1.3

exploitability

7.0

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

1.3

exploitability

7.0

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Orca HCM Improper Authentication Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Learning Digital Orca HCM

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating