VYPR
Vendor

ForLogic

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2020-24030CriSep 2, 2020
    risk 0.64cvss 9.8epss 0.03

    ForLogic Qualiex v1 and v3 has weak token expiration. This allows remote unauthenticated privilege escalation and access to sensitive data via token reuse. NOTE: as of 2025-10-14, the Supplier's perspective is that this is "not exploitable in the current implementation. Tokens…

  • CVE-2020-24029CriSep 2, 2020
    risk 0.64cvss 9.8epss 0.02

    Because of unauthenticated password changes in ForLogic Qualiex v1 and v3, customer and admin permissions and data can be accessed via a simple request. NOTE: as of 2025-10-14, the Supplier's perspective is that this is "corrected in all maintained versions. Password reset…

  • CVE-2020-24028HigSep 2, 2020
    risk 0.57cvss 8.8epss 0.02

    ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via user creations, password changes, or user permission updates. NOTE: as of 2025-10-14, the Supplier's perspective is that this "does not allow administrative privilege gain.…