Forlogic: >> Qualiex Security Vulnerabilities
ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via user creations, password changes, or user permission updates.
CVSS Score
8.8
EPSS Score
0.007
Published
2020-09-02
Because of unauthenticated password changes in ForLogic Qualiex v1 and v3, customer and admin permissions and data can be accessed via a simple request.
CVSS Score
9.8
EPSS Score
0.008
Published
2020-09-02
ForLogic Qualiex v1 and v3 has weak token expiration. This allows remote unauthenticated privilege escalation and access to sensitive data via token reuse.
CVSS Score
9.8
EPSS Score
0.014
Published
2020-09-02