Weak Token Expiration in ForLogic Qualiex v1 and v3: Remote Privilege Escalation and Sensitive Data Access

Weak Token Expiration in ForLogic Qualiex v1 and v3: Remote Privilege Escalation and Sensitive Data Access

CVE-2020-24030 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

ForLogic Qualiex v1 and v3 has weak token expiration. This allows remote unauthenticated privilege escalation and access to sensitive data via token reuse.

Learn more about our Web Application Penetration Testing UK.