CVE-2020-36994 MEDIUM

CVE-2020-36994: QlikView 12.50.20000.0 - 'FTP Server Address' Denial of Service

Vendor Qliktech International Ab
Product QlikView
Weakness CWE-120
Published January 29, 2026
Last update May 12, 2026

CVSS base score

4.6/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

What the vulnerability does

01Description

QlikView 12.50.20000.0 contains a denial of service vulnerability in the FTP server address input field that allows local attackers to crash the application. Attackers can paste a 300-character buffer into the FTP server address field to trigger an application crash and prevent normal functionality.

Key dates

02Disclosure timeline

January 29, 2026 CVE published
May 12, 2026 Record updated