CWE-613

Insufficient Session Expiration

Parent: CWE-672 - Operation on a Resource after Expiration or Release

According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."

532 vulnerabilities with CWE-613
CVE-2022-0991 HIGH
Admidio < 4.1.9 - Insufficient Session Expiration
CVSS 7.1
CVE-2022-24743 HIGH
Sylius <1.10.11-1.11.2 - Info Disclosure
CVSS 7.1
CVE-2022-24744 LOW
Shopware < 6.4.8.1 - Insufficient Session Expiration
CVSS 2.6
CVE-2022-24732 MEDIUM
Maddy Mail Server <0.5.4 - Info Disclosure
CVSS 6.3
CVE-2022-24341 HIGH
JetBrains TeamCity <2021.2.1 - Info Disclosure
CVSS 7.5
CVE-2022-24332 MEDIUM
JetBrains TeamCity <2021.2 - Info Disclosure
CVSS 5.3
CVE-2022-22113 HIGH
DayByDay CRM <2.2.1 - Info Disclosure
CVSS 8.8
CVE-2022-22283 LOW
Samsung Health <6.20.1.005 - Info Disclosure
CVSS 2.8
CVE-2022-21652 LOW
Shopware 5.7.3-5.7.6 - Insufficient Session Expiration
CVSS 3.5
CVE-2021-47740 HIGH
KZTech JT3500V - Privilege Escalation
CVSS 7.5
CVE-2021-47663 HIGH
Franka Emika Robot - Session ID Impersonation
CVSS 8.1
CVE-2021-35473 CRITICAL
LemonLDAP::NG <2.0.12 - Info Disclosure
CVSS 9.1
CVE-2021-20581 MEDIUM
IBM Security Verify Privilege On-Premises <11.5 - Info Disclosure
CVSS 5.3
CVE-2021-3844 MEDIUM
Rapid7 InsightVM < 6.5.50 - Insufficient Session Expiration
CVSS 5.7
CVE-2021-46279 MEDIUM
Lanner Inc IAC-AST2500A <1.10.0 - Session Fixation
CVSS 5.8
CVE-2021-27751 MEDIUM
HCL Commerce 8.0.0.0-8.0.4.28 - Insufficient Session Expiration
CVSS 4.4
CVE-2021-3461 HIGH
Keycloak - Insufficient Session Expiration via SAML Identity Provider Logout
CVSS 7.1
CVE-2021-38986 MEDIUM
IBM MQ Appliance <9.2 - Privilege Escalation
CVSS 5.4
CVE-2021-25992 CRITICAL
ifme 1.0.0-7.33.2 - Insufficient Session Expiration
CVSS 9.8
CVE-2021-22820 CRITICAL
EVlink <R8 V3.4.0.2 - Info Disclosure
CVSS 9.8
CVE-2021-29846 LOW
IBM Security Guardium Insights 3.0 - Authenticated Sensitive Information Exposure via Insufficient Session Expiration
CVSS 2.7
CVE-2021-37866 MEDIUM
Mattermost Boards < 0.10.0 - Insufficient Session Expiration
CVSS 4.7
CVE-2021-25981 CRITICAL
Talkyard 0.2021.20-0.2021.33 - Insufficient Session Expiration
CVSS 9.8
CVE-2021-45885 HIGH
Stormshield SNS <4.2.8 - Info Disclosure
CVSS 7.5
CVE-2021-35034 HIGH
Zyxel NBG6604 Firmware < 1.00(abir.9)c0 - Insufficient Session Expiration
CVSS 7.4