Skip to main content

Qualiex

3 CVEs product

Monthly

CVE-2020-24030 CRITICAL Act Now

ForLogic Qualiex v1 and v3 has weak token expiration. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Qualiex
NVD GitHub
CVSS 3.1
9.8
EPSS
2.7%
CVE-2020-24029 CRITICAL Act Now

Because of unauthenticated password changes in ForLogic Qualiex v1 and v3, customer and admin permissions and data can be accessed via a simple request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Qualiex
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2020-24028 HIGH This Week

ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via user creations, password changes, or user permission updates. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Qualiex
NVD GitHub
CVSS 3.1
8.8
EPSS
2.3%
EPSS 3% CVSS 9.8
CRITICAL Act Now

ForLogic Qualiex v1 and v3 has weak token expiration. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Qualiex
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

Because of unauthenticated password changes in ForLogic Qualiex v1 and v3, customer and admin permissions and data can be accessed via a simple request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Qualiex
NVD GitHub
EPSS 2% CVSS 8.8
HIGH This Week

ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via user creations, password changes, or user permission updates. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Qualiex
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy