CVE-2025-1387

Summary

Orca HCM from LEARNING DIGITAL has an Improper Authentication vulnerability, allowing unauthenticated remote attackers to log in to the system as any user.

Affected Software

VendorProductVersion RangeStatus
Learning DigitalOrca HCM0 < 11.0affected

Weaknesses

  • CWE-1390: CWE-1390 Weak Authentication

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References