Forlogic · Qualiex · CVE-2020-24028
**Name of the Vulnerable Software and Affected Versions**
ForLogic Qualiex versions v1 through v3
**Description**
The issue allows any authenticated customer to achieve privilege escalation through various means such as creating users, changing passwords, or updating user permissions.
**Recommendations**
For versions v1 through v3, consider restricting access to user creation, password change, and user permission update features until a fix is available. As a temporary workaround, limit the privileges of authenticated customers to prevent escalation.