CVE-2020-24028

ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via user creations, password changes, or user permission updates.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
VendorProductVersion
forlogicqualiex
1.0
forlogicqualiex
3.0
𝑥
= Vulnerable software versions
References
https://forlogic.net
https://github.com/underprotection/CVE-2020-24028
https://qualiex.com
https://forlogic.net
https://github.com/underprotection/CVE-2020-24028
https://qualiex.com