Vulnerabilities > Insufficient Session Expiration
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-18 | CVE-2019-3867 | Insufficient Session Expiration vulnerability in Redhat Quay 2.0.0/3.0.0 A vulnerability was found in the Quay web application. | 4.4 |
| 2021-03-15 | CVE-2020-35358 | Insufficient Session Expiration vulnerability in Domainmod 4.15.0 DomainMOD domainmod-v4.15.0 is affected by an insufficient session expiration vulnerability. | 7.5 |
| 2021-03-07 | CVE-2009-20001 | Insufficient Session Expiration vulnerability in Mantisbt An issue was discovered in MantisBT before 2.24.5. | 5.5 |
| 2021-02-27 | CVE-2021-3144 | Insufficient Session Expiration vulnerability in multiple products In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. | 9.1 |
| 2021-02-19 | CVE-2021-27351 | Insufficient Session Expiration vulnerability in Telegram The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session. | 5.0 |
| 2021-02-09 | CVE-2021-26921 | Insufficient Session Expiration vulnerability in Linuxfoundation Argo Continuous Delivery In util/session/sessionmanager.go in Argo CD before 1.8.4, tokens continue to work even when the user account is disabled. | 5.0 |
| 2021-02-09 | CVE-2020-4995 | Insufficient Session Expiration vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 does not invalidate session after logout which could allow a user to obtain sensitive information from another users' session. | 5.0 |
| 2021-02-08 | CVE-2020-6649 | Insufficient Session Expiration vulnerability in Fortinet Fortiisolator An insufficient session expiration vulnerability in FortiNet's FortiIsolator version 2.0.1 and below may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID (via other, hypothetical attacks) | 7.5 |
| 2021-02-05 | CVE-2021-3311 | Insufficient Session Expiration vulnerability in Octobercms October An issue was discovered in October through build 471. | 6.8 |
| 2021-02-04 | CVE-2020-14247 | Insufficient Session Expiration vulnerability in Hcltechsw Onetest Performance 10.0.0/10.1.0/9.5.0 HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could allow an attacker time to guess and use a valid session ID. | 6.4 |