Vulnerabilities > Insufficient Session Expiration
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-22 | CVE-2020-11795 | Insufficient Session Expiration vulnerability in Jetbrains Space 20200422 In JetBrains Space through 2020-04-22, the session timeout period was configured improperly. | 5.0 |
| 2020-04-22 | CVE-2020-11688 | Insufficient Session Expiration vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.2.1, the application state is kept alive after a user ends his session. | 5.0 |
| 2020-04-17 | CVE-2019-12001 | Insufficient Session Expiration vulnerability in HPE products A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and earlier; GL225P001 and earlier; VE270R001-01 and earlier; GL225P001 and earlier; VL270R001-01 and earlier; VL270R001-01 and earlier. | 7.1 |
| 2020-03-24 | CVE-2020-4253 | Insufficient Session Expiration vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0CD does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. | 6.5 |
| 2020-03-10 | CVE-2020-6197 | Insufficient Session Expiration vulnerability in SAP Enable NOW 1902 SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner. | 2.1 |
| 2020-03-10 | CVE-2020-6178 | Insufficient Session Expiration vulnerability in SAP Enable NOW 1902/1908 SAP Enable Now, before version 1911, sends the Session ID cookie value in URL. | 5.5 |
| 2020-02-12 | CVE-2014-2595 | Insufficient Session Expiration vulnerability in Barracuda web Application Firewall 7.8.1.013 Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent authentication token obtained from a query string. | 7.5 |
| 2020-02-07 | CVE-2020-1768 | Insufficient Session Expiration vulnerability in Otrs The external frontend system uses numerous background calls to the backend. | 5.5 |
| 2020-01-28 | CVE-2019-5462 | Insufficient Session Expiration vulnerability in Gitlab A privilege escalation issue was discovered in GitLab CE/EE 9.0 and later when trigger tokens are not rotated once ownership of them has changed. | 6.8 |
| 2020-01-22 | CVE-2019-5647 | Insufficient Session Expiration vulnerability in Rapid7 Appspider The Chrome Plugin for Rapid7 AppSpider can incorrectly keep browser sessions active after recording a macro, even after a restart of the Chrome browser. | 3.6 |