Vulnerabilities > Insufficient Session Expiration
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-09 | CVE-2019-16133 | Insufficient Session Expiration vulnerability in Weaver Eteams OA 4.0.34 An issue was discovered in eteams OA v4.0.34. | 6.5 |
| 2019-08-06 | CVE-2019-2386 | Insufficient Session Expiration vulnerability in Mongodb After user deletion in MongoDB Server the improper invalidation of authorization sessions allows an authenticated user's session to persist and become conflated with new accounts, if those accounts reuse the names of deleted ones. | 7.1 |
| 2019-07-01 | CVE-2019-7280 | Insufficient Session Expiration vulnerability in Primasystems Flexair 2.3.38 Prima Systems FlexAir, Versions 2.3.38 and prior. | 8.8 |
| 2019-06-12 | CVE-2019-6584 | Insufficient Session Expiration vulnerability in Siemens Logo!8 Firmware 1.80.00/1.81.00 A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx), SIEMENS LOGO!8 (6ED1052-xyy08-0BA0 FS:01 / Firmware version < V1.82.02). | 8.8 |
| 2019-06-06 | CVE-2019-3790 | Insufficient Session Expiration vulnerability in Pivotal Software Operations Manager The Pivotal Ops Manager, 2.2.x versions prior to 2.2.23, 2.3.x versions prior to 2.3.16, 2.4.x versions prior to 2.4.11, and 2.5.x versions prior to 2.5.3, contain configuration that circumvents refresh token expiration. | 5.4 |
| 2019-06-06 | CVE-2019-7215 | Insufficient Session Expiration vulnerability in Progress Sitefinity Progress Sitefinity 10.1.6536 does not invalidate session cookies upon logouts. | 6.5 |
| 2019-05-09 | CVE-2019-4072 | Insufficient Session Expiration vulnerability in IBM products IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2.17) allows users to remain idle within the application even when a user has logged out. | 6.3 |
| 2019-05-07 | CVE-2018-6634 | Insufficient Session Expiration vulnerability in Parsecgaming Parsec 1420/1421 A vulnerability in Parsec Windows 142-0 and Parsec 'Linux Ubuntu 16.04 LTS Desktop' Build 142-1 allows unauthorized users to maintain access to an account. | 9.8 |
| 2019-04-10 | CVE-2019-1003049 | Insufficient Session Expiration vulnerability in multiple products Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches. | 8.1 |
| 2019-01-15 | CVE-2019-0015 | Insufficient Session Expiration vulnerability in Juniper Junos A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted. | 5.4 |