Filtered by vendor Forlogic Subscriptions
Filtered by product Qualiex Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-24030 1 Forlogic 1 Qualiex 2024-11-21 9.8 Critical
ForLogic Qualiex v1 and v3 has weak token expiration. This allows remote unauthenticated privilege escalation and access to sensitive data via token reuse.
CVE-2020-24029 1 Forlogic 1 Qualiex 2024-11-21 9.8 Critical
Because of unauthenticated password changes in ForLogic Qualiex v1 and v3, customer and admin permissions and data can be accessed via a simple request.
CVE-2020-24028 1 Forlogic 1 Qualiex 2024-11-21 8.8 High
ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via user creations, password changes, or user permission updates.