CWE-613

Insufficient Session Expiration

Parent: CWE-672 - Operation on a Resource after Expiration or Release

According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."

509 vulnerabilities with CWE-613
CVE-2024-32006 MEDIUM
SINEMA Remote Connect Client <V3.2 SP2 - Auth Bypass
CVSS 4.3
CVE-2024-45187 HIGH
Mage AI - Privilege Escalation
CVSS 7.1
CVE-2024-7998 LOW
Octopus Server - Info Disclosure
CVSS 2.6
CVE-2024-39809 HIGH
F5 Big-ip Next Central Manager - Insufficient Session Expiration
CVSS 7.5
CVE-2024-42447 CRITICAL
Apache Airflow Providers FAB - Info Disclosure
CVSS 9.8
CVE-2024-29070 CRITICAL
Apache Streampark < 2.1.4 - Insufficient Session Expiration
CVSS 9.1
CVE-2024-41827 HIGH
Jetbrains Teamcity < 2024.07 - Insufficient Session Expiration
CVSS 7.4
CVE-2024-27782 HIGH
Fortinet FortiAIOps <2.0.0 - Info Disclosure
CVSS 8.1
CVE-2024-36041 HIGH
KSmserver <5.27.11.1-6.0.5.1 - Privilege Escalation
CVSS 7.8
CVE-2024-5995 HIGH
Soar Cloud HR Portal - Info Disclosure
CVSS 8.8
CVE-2024-36523 MEDIUM
Wvp GB28181 Pro 2.0 - Info Disclosure
CVSS 6.5
CVE-2024-35206 HIGH
Siemens Sinec Traffic Analyzer < 1.2 - Insufficient Session Expiration
CVSS 7.7
CVE-2024-4680 HIGH
Zenml - Insufficient Session Expiration
CVSS 8.8
CVE-2024-35220 HIGH
Fastify Session < 10.9.0 - Insufficient Session Expiration
CVSS 7.4
CVE-2024-35050 HIGH
Surveyking - Insufficient Session Expiration
CVSS 8.8
CVE-2024-35049 CRITICAL
Surveyking - Insufficient Session Expiration
CVSS 9.1
CVE-2024-35048 MEDIUM
Surveyking - Insufficient Session Expiration
CVSS 4.3
CVE-2024-34709 MEDIUM
Monospace Directus < 10.11.0 - Insufficient Session Expiration
CVSS 5.4
CVE-2024-34092 HIGH
Archer Platform <2024.04 - Privilege Escalation
CVSS 8.8
CVE-2024-29402 MEDIUM
cskefu v7 - Info Disclosure
CVSS 4.3
CVE-2024-22358 MEDIUM
IBM UrbanCode Deploy <7.3.2.4 - Privilege Escalation
CVSS 6.3
CVE-2024-31999 HIGH
@festify/secure-session - Info Disclosure
CVSS 7.4
CVE-2024-31995 MEDIUM
@digitalbazaar/zcap <9.0.1 - Info Disclosure
CVSS 4.3
CVE-2024-30262 MEDIUM
Contao <4.13.40 - Info Disclosure
CVSS 5.9
CVE-2024-31447 MEDIUM
Shopware < 6.5.8.8 - Insufficient Session Expiration
CVSS 5.3
Details
Vulnerabilities 509
Links
MITRE CWE Entry Search this CWE With Exploits