Vulnerabilities > Insufficient Session Expiration
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-15 | CVE-2020-13307 | Insufficient Session Expiration vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 6.0 |
| 2020-09-14 | CVE-2020-13305 | Insufficient Session Expiration vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 4.0 |
| 2020-09-14 | CVE-2020-13302 | Insufficient Session Expiration vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 6.5 |
| 2020-09-14 | CVE-2020-13299 | Insufficient Session Expiration vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 8.1 |
| 2020-08-21 | CVE-2020-8234 | Insufficient Session Expiration vulnerability in UI Edgemax Firmware A vulnerability exists in The EdgeMax EdgeSwitch firmware <v1.9.1 where the EdgeSwitch legacy web interface SIDSSL cookie for admin can be guessed, enabling the attacker to obtain high privileges and get a root shell by a Command injection. | 9.8 |
| 2020-08-21 | CVE-2020-5774 | Insufficient Session Expiration vulnerability in Tenable Nessus Nessus versions 8.11.0 and earlier were found to maintain sessions longer than the permitted period in certain scenarios. | 3.6 |
| 2020-08-14 | CVE-2020-17474 | Insufficient Session Expiration vulnerability in Zkteco Facedepot 7B Firmware and Zkbiosecurity Server A token-reuse vulnerability in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to create arbitrary new users, elevate users to administrators, delete users, and download user faces from the database. | 7.5 |
| 2020-08-14 | CVE-2020-17473 | Insufficient Session Expiration vulnerability in Zkteco Facedepot 7B Firmware and Zkbiosecurity Server Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to obtain a long-lasting token by impersonating the server. | 4.3 |
| 2020-07-20 | CVE-2020-1776 | Insufficient Session Expiration vulnerability in Otrs When an agent user is renamed or set to invalid the session belonging to the user is keept active. | 4.3 |
| 2020-07-14 | CVE-2020-15074 | Insufficient Session Expiration vulnerability in Openvpn Access Server OpenVPN Access Server older than version 2.8.4 and version 2.9.5 generates new user authentication tokens instead of reusing exiting tokens on reconnect making it possible to circumvent the initial token expiry timestamp. | 5.0 |