Vulnerabilities > Insufficient Session Expiration
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-11-05 | CVE-2020-15950 | Insufficient Session Expiration vulnerability in Immuta 2.8.2 Immuta v2.8.2 is affected by improper session management: user sessions are not revoked upon logout. | 6.8 |
2020-10-28 | CVE-2020-25374 | Insufficient Session Expiration vulnerability in Cyberark Privileged Session Manager 10.9.0.15 CyberArk Privileged Session Manager (PSM) 10.9.0.15 allows attackers to discover internal pathnames by reading an error popup message after two hours of idle time. | 2.6 |
2020-10-28 | CVE-2020-24713 | Insufficient Session Expiration vulnerability in Getgophish Gophish Gophish through 0.10.1 does not invalidate the gophish cookie upon logout. | 5.0 |
2020-10-28 | CVE-2020-27739 | Insufficient Session Expiration vulnerability in Citadel Webcit 7.10/926 A Weak Session Management vulnerability in Citadel WebCit through 926 allows unauthenticated remote attackers to hijack recently logged-in users' sessions. | 7.5 |
2020-10-20 | CVE-2020-15269 | Insufficient Session Expiration vulnerability in Sparksolutions Spree In Spree before versions 3.7.11, 4.0.4, or 4.1.11, expired user tokens could be used to access Storefront API v2 endpoints. | 6.4 |
2020-10-16 | CVE-2020-1666 | Insufficient Session Expiration vulnerability in Juniper Junos OS Evolved The system console configuration option 'log-out-on-disconnect' In Juniper Networks Junos OS Evolved fails to log out an active CLI session when the console cable is disconnected. | 7.2 |
2020-10-15 | CVE-2020-6363 | Insufficient Session Expiration vulnerability in SAP Commerce Cloud SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, exposes several web applications that maintain sessions with a user. | 4.9 |
2020-10-14 | CVE-2020-4395 | Insufficient Session Expiration vulnerability in IBM Security Access Manager Appliance 9.0.7 IBM Security Access Manager Appliance 9.0.7 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. | 5.5 |
2020-10-12 | CVE-2020-4780 | Insufficient Session Expiration vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0 OOTB build scripts does not set the secure attribute on session cookie which may impact IBM Curam Social Program Management 7.0.9 and 7.0,10. | 5.0 |
2020-09-18 | CVE-2020-15774 | Insufficient Session Expiration vulnerability in Gradle Enterprise An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. | 6.8 |