CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-8585

Orca HCM from LEARNING DIGITA does not properly restrict a specific parameter of the file download functionality, allowing a remote attacker with regular privileges to download arbitrary system files.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 15.4%

CVSS Severity

CVSS v3 Score 6.5

References

https://www.twcert.org.tw/en/cp-139-8042-f9f26-2.html
https://www.twcert.org.tw/tw/cp-132-8041-dfbf9-1.html

Products affected by CVE-2024-8585

Learningdigital » Orca Hcm » Version: N/A

cpe:2.3:a:learningdigital:orca_hcm:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-8585

Products

Pricing

Contact Us