Forlogic

Qualiex

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2020-24028

  • EPSS 0.72%
  • Veröffentlicht 02.09.2020 17:15:12
  • Zuletzt bearbeitet 14.10.2025 13:15:32

ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via user creations, password changes, or user permission updates. NOTE: as of 2025-10-14, the Supplier's perspective is that this "does not allow administrat...

9.8

CVE-2020-24029

  • EPSS 0.83%
  • Veröffentlicht 02.09.2020 17:15:12
  • Zuletzt bearbeitet 14.10.2025 13:15:32

Because of unauthenticated password changes in ForLogic Qualiex v1 and v3, customer and admin permissions and data can be accessed via a simple request. NOTE: as of 2025-10-14, the Supplier's perspective is that this is "corrected in all maintained v...

9.8

CVE-2020-24030

  • EPSS 1.42%
  • Veröffentlicht 02.09.2020 17:15:12
  • Zuletzt bearbeitet 14.10.2025 13:15:32

ForLogic Qualiex v1 and v3 has weak token expiration. This allows remote unauthenticated privilege escalation and access to sensitive data via token reuse. NOTE: as of 2025-10-14, the Supplier's perspective is that this is "not exploitable in the cur...