Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-613

CWE-613

Insufficient Session Expiration

Parent: CWE-672 - Operation on a Resource after Expiration or Release

According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."

531 vulnerabilities with CWE-613

CVE-2023-51772 HIGH

One Identity Password Manager <5.13.1 - Privilege Escalation

CVE-2023-4320 HIGH

Red Hat Satellite < 6.13 - Insufficient Session Expiration via Personal Access Token Arithmetic Overflow

CVE-2023-49935 HIGH

Slurm 23.02.x-23.02.6 and 23.11.x < 23.11.1 - Unauthenticated Message Integrity Bypass via Token Reuse

CVE-2023-46326 HIGH

ZStack Cloud <3.10.38 - Privilege Escalation

CVE-2023-49091 HIGH

Cosmos-server <0.13.1 - Privilege Escalation

CVE-2023-47628 MEDIUM

DataHub < 0.12.1 - Insufficient Session Expiration via Stateless Session Cookie

CVE-2023-5889 HIGH

pkp/pkp_web_application_library < 3.3.0-16 - Insufficient Session Expiration

CVE-2023-39695 MEDIUM

Elenos ETG150 FM Transmitter 3.12 - Insufficient Session Expiration

CVE-2023-5865 CRITICAL

phpmyfaq < 3.2.2 - Insufficient Session Expiration

CVE-2023-5838 CRITICAL

linkstack < 4.2.9 - Insufficient Session Expiration

CVE-2023-46158 MEDIUM

IBM WebSphere Application Server Liberty <23.0.0.11 - Info Disclosure

CVE-2023-37504 HIGH

HCL Compass 2.0.0-2.0.3 - Insufficient Session Expiration

CVE-2023-45659 LOW

engelsystem < 2023-09-18 - Insufficient Session Expiration

CVE-2023-33303 HIGH

Fortinet FortiEDR 5.0.0-5.0.1 - Insufficient Session Expiration via API Request

CVE-2023-42768 HIGH

F5 BIG-IP 13.1.0-13.1.5 - Insufficient Session Expiration via iControl REST Role Reversion

CVE-2023-40537 HIGH

F5 BIG-IP 13.1.0-14.1.5 - Insufficient Session Expiration

CVE-2023-40732 LOW

QMS Automotive <V12.39 - Session Hijacking

CVE-2023-41041 LOW

Graylog < 5.0.9 - Insufficient Session Expiration in Multi-Node Cluster

CVE-2023-40178 MEDIUM

node-saml < 4.0.5 - Insufficient Session Expiration via LogoutRequest Reuse

CVE-2023-40025 MEDIUM

Argo CD 2.6.0-2.6.13 - Insufficient Session Expiration in Web Terminal

CVE-2023-40174 MEDIUM

fobybus/social-media-skeleton < 1.0.5 - Insufficient Session Expiration

CVE-2023-37570 HIGH

ESDS Emagic Data Center Management Suit < 6.0 - Insufficient Session Expiration

CVE-2023-4190 MEDIUM

admidio < 4.2.11 - Insufficient Session Expiration

CVE-2023-4126 HIGH

answer < 1.1.0 - Insufficient Session Expiration

CVE-2023-4005 CRITICAL

fossbilling/fossbilling <0.5.5 - Info Disclosure

Previous Page 11 of 22 Next

Details

Vulnerabilities 531

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy