Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-613

CWE-613

Insufficient Session Expiration

Parent: CWE-672 - Operation on a Resource after Expiration or Release

According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."

531 vulnerabilities with CWE-613

CVE-2023-38489 HIGH

Kirby <3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, 3.9.6 - Info Disclosure

CVE-2023-37919 MEDIUM

Cal.com < 3.1.4 - Insufficient Session Expiration after 2FA Enablement

CVE-2023-28001 MEDIUM

FortiOS 7.0.0-7.0.12 and 7.2.0-7.2.4 - Insufficient Session Expiration via REST API

CVE-2023-36252 HIGH

Ateme Flamingo XL/XS <3.6.20/3.6.5 - RCE, DoS

CVE-2023-35857 CRITICAL

Siren Investigate < 13.2.2 - Insufficient Session Expiration

CVE-2023-2788 MEDIUM

Mattermost 7.1.0-7.1.8 - Authenticated Missing Authorization via OAuth2 Flow

CVE-2023-0041 MEDIUM

IBM Security Guardium 11.5 - Privilege Escalation

CVE-2023-32318 HIGH

Nextcloud Server - Insufficient Session Expiration via Text App Session Handling

CVE-2023-31065 CRITICAL

Apache InLong <1.7.0 - Info Disclosure

CVE-2023-33005 MEDIUM

Jenkins WSO2 Oauth Plugin < 1.0 - Insufficient Session Expiration

CVE-2023-31139 MEDIUM

DHIS2 Core <2.37.9.1-2.39.1.2 - Auth Bypass

CVE-2023-31140 MEDIUM

OpenProject <12.5.4 - Info Disclosure

CVE-2023-30403 HIGH

Aigital Wireless-N Repeater Mini Router Firmware v0.131229 - Insufficient Session Expiration

CVE-2023-28003 MEDIUM

EcoStruxure Power Monitoring Expert < 2022 - Insufficient Session Expiration

CVE-2023-1788 CRITICAL

GitHub firefly-iii <6 - Info Disclosure

CVE-2023-1854 MEDIUM

SourceCodester Online Graduate Tracer System 1.0 - Info Disclosure

CVE-2023-20903 MEDIUM

Cloudfoundry User Account And Authent... - Insufficient Session Expiration

CVE-2023-1543 HIGH

GitHub answerdev/answer <1.0.6 - Info Disclosure

CVE-2023-22591 LOW

IBM Robotic Process Automation 21.0.1-21.0.7 and 23.0.0-23.0.1 - Insufficient Session Expiration

CVE-2023-27891 HIGH

pretix < 4.17.1 - Insufficient Session Expiration

CVE-2023-23929 HIGH

vantage6 < 3.8.0 - Insufficient Session Expiration

CVE-2023-22771 MEDIUM

ArubaOS 8.6.0.0-8.6.0.18 & SD-WAN 8.7.0.0-2.3.0.0-8.7.0.0-2.3.0.7 CLI Session Expiration Issue

CVE-2023-25562 MEDIUM

DataHub < 0.8.45 - Authentication Bypass via Insufficient Session Expiration

CVE-2023-24426 HIGH

Jenkins Azure AD Plugin <303.va_91ef20ee49f - Auth Bypass

CVE-2023-23614 HIGH

Pi-hole Web Interface 4.0-5.18.2 - Insufficient Session Expiration via Remember Me Cookie

Previous Page 12 of 22 Next

Details

Vulnerabilities 531

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy