Vulnerabilities > Paxtechnology > Paxstore > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-07 | CVE-2020-36125 | Missing Authentication for Critical Function vulnerability in Paxtechnology Paxstore 7.0.820200511171508 Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by incorrect access control where password revalidation in sensitive operations can be bypassed remotely by an authenticated attacker through requesting the endpoint directly. | 7.1 |
| 2021-05-07 | CVE-2020-36126 | Authorization Bypass Through User-Controlled Key vulnerability in Paxtechnology Paxstore 7.0.820200511171508 Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by incorrect access control that can lead to remote privilege escalation. | 8.1 |
| 2021-05-07 | CVE-2020-36128 | Authentication Bypass by Spoofing vulnerability in Paxtechnology Paxstore 7.0.820200511171508 Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by a token spoofing vulnerability. | 8.2 |