Vulnerabilities > Forlogic
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-02 | CVE-2020-24030 | Operation on a Resource after Expiration or Release vulnerability in Forlogic Qualiex 1.0/3.0 ForLogic Qualiex v1 and v3 has weak token expiration. | 7.5 |
2020-09-02 | CVE-2020-24029 | Improper Authentication vulnerability in Forlogic Qualiex 1.0/3.0 Because of unauthenticated password changes in ForLogic Qualiex v1 and v3, customer and admin permissions and data can be accessed via a simple request. | 7.5 |
2020-09-02 | CVE-2020-24028 | Incorrect Permission Assignment for Critical Resource vulnerability in Forlogic Qualiex 1.0/3.0 ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via user creations, password changes, or user permission updates. | 6.5 |