VYPR
Critical severity9.8NVD Advisory· Published Jul 19, 2021· Updated Jun 17, 2026

CVE-2021-35965

CVE-2021-35965

Description

The Orca HCM digital learning platform uses a weak factory default administrator password, which is hard-coded in the source code of the webpage in plain text, thus remote attackers can obtain administrator’s privilege without logging in.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Orca HCM/Orca HCMllm-create
  • Learningdigital.com, Inc./Orca HCMv5
    Range: unspecified

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.