Vulnerabilities > Insufficient Session Expiration

DATE CVE VULNERABILITY TITLE RISK
2022-06-20 CVE-2022-22317 Insufficient Session Expiration vulnerability in IBM Curam Social Program Management 8.0.0/8.0.1
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
network
low complexity
ibm CWE-613
7.5
2022-06-20 CVE-2022-22318 Insufficient Session Expiration vulnerability in IBM Curam Social Program Management 8.0.0/8.0.1
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
network
low complexity
ibm CWE-613
6.5
2022-06-14 CVE-2022-31050 Insufficient Session Expiration vulnerability in Typo3
TYPO3 is an open source web content management system.
network
low complexity
typo3 CWE-613
6.5
2022-06-14 CVE-2022-2076 Insufficient Session Expiration vulnerability in Microsoft Office 365
** DISPUTED ** A vulnerability has been found in Microsoft O365 and classified as critical.
network
microsoft CWE-613
6.0
2022-06-13 CVE-2022-2064 Insufficient Session Expiration vulnerability in Xgenecloud Nocodb
Insufficient Session Expiration in GitHub repository nocodb/nocodb prior to 0.91.7+.
network
low complexity
xgenecloud CWE-613
6.5
2022-06-02 CVE-2022-30277 Insufficient Session Expiration vulnerability in BD Synapsys 4.20/4.30
BD Synapsys™, versions 4.20, 4.20 SR1, and 4.30, contain an insufficient session expiration vulnerability.
local
low complexity
bd CWE-613
3.6
2022-05-17 CVE-2022-23669 Insufficient Session Expiration vulnerability in Arubanetworks Clearpass Policy Manager
A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-613
6.5
2022-05-10 CVE-2022-24042 Insufficient Session Expiration vulnerability in Siemens products
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884).
network
low complexity
siemens CWE-613
6.4
2022-05-06 CVE-2021-27751 Insufficient Session Expiration vulnerability in Hcltechsw HCL Commerce
HCL Commerce is affected by an Insufficient Session Expiration vulnerability.
1.9
2022-05-03 CVE-2022-23063 Insufficient Session Expiration vulnerability in Shopizer
In Shopizer versions 2.3.0 to 3.0.1 are vulnerable to Insufficient Session Expiration.
network
low complexity
shopizer CWE-613
6.5