CVE-2020-24030

Published: Sep 2, 2020

Modified: Oct 14, 2025

PUBLISHED

Description

ForLogic Qualiex v1 and v3 has weak token expiration. This allows remote unauthenticated privilege escalation and access to sensitive data via token reuse. NOTE: as of 2025-10-14, the Supplier's perspective is that this is "not exploitable in the current implementation. Tokens are properly expired, invalidated, and bound to session context. Attempts to alter the token payload to extend its validity do not affect server-side validation."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://qualiex.com

https://github.com/underprotection/CVE-2020-24030

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-24030

Description

Affected Products

References