Vulnerabilities > Insufficient Session Expiration
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-10 | CVE-2022-24042 | Insufficient Session Expiration vulnerability in Siemens products A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). | 9.1 |
| 2022-05-06 | CVE-2021-27751 | Insufficient Session Expiration vulnerability in Hcltechsw HCL Commerce HCL Commerce is affected by an Insufficient Session Expiration vulnerability. | 3.3 |
| 2022-05-03 | CVE-2022-23063 | Insufficient Session Expiration vulnerability in Shopizer In Shopizer versions 2.3.0 to 3.0.1 are vulnerable to Insufficient Session Expiration. | 8.8 |
| 2022-04-01 | CVE-2021-3461 | Insufficient Session Expiration vulnerability in Redhat Keycloak and Single Sign-On A flaw was found in keycloak where keycloak may fail to logout user session if the logout request comes from external SAML identity provider and Principal Type is set to Attribute [Name]. | 7.1 |
| 2022-03-25 | CVE-2022-25590 | Insufficient Session Expiration vulnerability in Surveyking 0.2.0 SurveyKing v0.2.0 was discovered to retain users' session cookies after logout, allowing attackers to login to the system and access data using the browser cache when the user exits the application. | 6.5 |
| 2022-03-19 | CVE-2022-0991 | Insufficient Session Expiration vulnerability in Admidio Insufficient Session Expiration in GitHub repository admidio/admidio prior to 4.1.9. | 7.1 |
| 2022-03-14 | CVE-2022-24743 | Insufficient Session Expiration vulnerability in Sylius Sylius is an open source eCommerce platform. | 8.2 |
| 2022-03-09 | CVE-2022-24744 | Insufficient Session Expiration vulnerability in Shopware Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. | 3.5 |
| 2022-03-01 | CVE-2021-38986 | Insufficient Session Expiration vulnerability in IBM MQ 9.2.0/9.2.0.0/9.2.1.0 IBM MQ Appliance 9.2 CD and 9.2 LTS does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. | 5.4 |
| 2022-02-25 | CVE-2022-24332 | Insufficient Session Expiration vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.2, a logout action didn't remove a Remember Me cookie. | 5.3 |