CVE-2021-35965

The Orca HCM digital learning platform uses a weak factory default administrator password, which is hard-coded in the source code of the webpage in plain text, thus remote attackers can obtain administrator’s privilege without logging in.
Configurations

Configuration 1

cpe:2.3:a:learningdigital:orca_hcm:*:*:*:*:*:*:*:*

Information

Published : 2021-07-19 12:15

Updated : 2022-10-27 12:28


NVD link : CVE-2021-35965

Mitre link : CVE-2021-35965

Products Affected
No products.
CWE
CWE-1188

Insecure Default Initialization of Resource