CWE-613

Insufficient Session Expiration

Parent: CWE-672 - Operation on a Resource after Expiration or Release

According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."

509 vulnerabilities with CWE-613
CVE-2025-57766 MEDIUM
Ethyca Fides < 2.69.1 - Insufficient Session Expiration
CVSS 4.8
CVE-2025-58437 HIGH
Coder <2.25.1 - Info Disclosure
CVSS 8.1
CVE-2025-58352 MEDIUM
Weblate <5.13.1 - Info Disclosure
CVSS 6.5
CVE-2025-55162 MEDIUM
Envoy <1.32.10, 1.33.0-1.33.6, 1.34.0-1.34.4, 1.35.0 - Info Disclosure
CVSS 6.3
CVE-2025-4643 MEDIUM
Payload <3.44.0 - Info Disclosure
CVE-2025-36040 MEDIUM
IBM Aspera Faspex < 5.0.12.1 - Insufficient Session Expiration
CVSS 6.5
CVE-2025-50486 HIGH
PHPGurukul Car Rental Project <3.0 - Privilege Escalation
CVSS 7.1
CVE-2025-50485 HIGH
PHPGurukul Online Course Registration <3.1 - Session Hijacking
CVSS 7.1
CVE-2025-50487 HIGH
PHPGurukul Blood Bank & Donor Mgmt Sys <2.4 - Session Hijacking
CVSS 7.1
CVE-2025-50484 HIGH
PHPGurukul Small CRM v3.0 - Info Disclosure
CVSS 7.1
CVE-2025-50491 HIGH
PHPGurukul Bank Locker Management System <v1 - Session Hijacking
CVSS 7.1
CVE-2025-50488 HIGH
PHPGurukul Online Library Management System <3.0 - Session Hijacking
CVSS 7.1
CVE-2025-31952 HIGH
Hcltech Dryice Iautomate - Insufficient Session Expiration
CVSS 7.1
CVE-2025-53826 CRITICAL
File Browser <2.39.0 - Info Disclosure
CVSS 9.8
CVE-2025-53642 MEDIUM
HAXcms - Info Disclosure
CVSS 4.8
CVE-2025-4407 MEDIUM
ABB Lite Panel Pro <1.0.1 - Info Disclosure
CVSS 6.7
CVE-2025-49152 HIGH
Product - Info Disclosure
CVE-2025-4754 LOW
HEX Ash Authentication Phoenix - Insufficient Session Expiration
CVE-2025-25019 MEDIUM
IBM QRadar Suite Software <1.11.2.0 - Info Disclosure
CVSS 4.8
CVE-2025-33005 MEDIUM
IBM Planning Analytics Local <2.1 - Privilege Escalation
CVSS 6.3
CVE-2025-48929 MEDIUM
TeleMessage - Info Disclosure
CVSS 4.0
CVE-2025-48061 MEDIUM
Wire-webapp - Info Disclosure
CVSS 5.6
CVE-2025-0138 LOW
Palo Alto Networks Prisma Cloud Compute - Info Disclosure
CVE-2025-40566 HIGH
Siemens Simatic Pcs Neo < 4.1 - Insufficient Session Expiration
CVSS 8.8
CVE-2025-46741 MEDIUM
Blueframe - Info Disclosure
CVSS 5.7