Vulnerabilities > Insufficient Session Expiration
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-14 | CVE-2020-4395 | Insufficient Session Expiration vulnerability in IBM Security Access Manager Appliance 9.0.7 IBM Security Access Manager Appliance 9.0.7 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. | 5.4 |
| 2020-10-12 | CVE-2020-4780 | Insufficient Session Expiration vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0 OOTB build scripts does not set the secure attribute on session cookie which may impact IBM Curam Social Program Management 7.0.9 and 7.0,10. | 5.3 |
| 2020-10-02 | CVE-2019-19199 | Insufficient Session Expiration vulnerability in Reddoxx Maildepot 2032 REDDOXX MailDepot 2032 SP2 2.2.1242 has Insufficient Session Expiration because tokens are not invalidated upon a logout. | 7.4 |
| 2020-09-18 | CVE-2020-15774 | Insufficient Session Expiration vulnerability in Gradle Enterprise An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. | 6.8 |
| 2020-09-15 | CVE-2020-13307 | Insufficient Session Expiration vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 4.7 |
| 2020-09-14 | CVE-2020-13305 | Insufficient Session Expiration vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 4.3 |
| 2020-09-14 | CVE-2020-13302 | Insufficient Session Expiration vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 7.2 |
| 2020-09-14 | CVE-2020-13299 | Insufficient Session Expiration vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 8.1 |
| 2020-08-21 | CVE-2020-8234 | Insufficient Session Expiration vulnerability in UI Edgemax Firmware A vulnerability exists in The EdgeMax EdgeSwitch firmware <v1.9.1 where the EdgeSwitch legacy web interface SIDSSL cookie for admin can be guessed, enabling the attacker to obtain high privileges and get a root shell by a Command injection. | 9.8 |
| 2020-08-21 | CVE-2020-5774 | Insufficient Session Expiration vulnerability in Tenable Nessus Nessus versions 8.11.0 and earlier were found to maintain sessions longer than the permitted period in certain scenarios. | 7.1 |