Vulnerabilities > Forlogic

DATE CVE VULNERABILITY TITLE RISK
2020-09-02 CVE-2020-24030 Operation on a Resource after Expiration or Release vulnerability in Forlogic Qualiex 1.0/3.0
ForLogic Qualiex v1 and v3 has weak token expiration.
network
low complexity
forlogic CWE-672
7.5
2020-09-02 CVE-2020-24029 Improper Authentication vulnerability in Forlogic Qualiex 1.0/3.0
Because of unauthenticated password changes in ForLogic Qualiex v1 and v3, customer and admin permissions and data can be accessed via a simple request.
network
low complexity
forlogic CWE-287
7.5
2020-09-02 CVE-2020-24028 Incorrect Permission Assignment for Critical Resource vulnerability in Forlogic Qualiex 1.0/3.0
ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via user creations, password changes, or user permission updates.
network
low complexity
forlogic CWE-732
6.5