Vulnerabilities > Insufficient Session Expiration
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-14 | CVE-2024-34709 | Insufficient Session Expiration vulnerability in Monospace Directus Directus is a real-time API and App dashboard for managing SQL database content. | 5.4 |
| 2024-05-06 | CVE-2024-34092 | Insufficient Session Expiration vulnerability in Archerirm Archer An issue was discovered in Archer Platform 6 before 2024.04. | 8.8 |
| 2024-04-09 | CVE-2024-30262 | Insufficient Session Expiration vulnerability in Contao Contao is an open source content management system. | 7.1 |
| 2024-03-06 | CVE-2024-20301 | Insufficient Session Expiration vulnerability in Cisco DUO Authentication for Windows Logon and RDP 4.2.2 A vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, physical attacker to bypass secondary authentication and access an affected Windows device. | 6.2 |
| 2024-03-05 | CVE-2023-45600 | Insufficient Session Expiration vulnerability in Ailux Imx6 A CWE-613 “Insufficient Session Expiration” vulnerability in the web application, due to the session cookie “sessionid” lasting two weeks, facilitates session hijacking attacks against victims. | 9.8 |
| 2024-02-16 | CVE-2024-25628 | Insufficient Session Expiration vulnerability in ALF 2.0M42304 Alf.io is a free and open source event attendance management system. | 7.6 |
| 2024-02-14 | CVE-2024-0008 | Insufficient Session Expiration vulnerability in Paloaltonetworks Pan-Os Web sessions in the management interface in Palo Alto Networks PAN-OS software do not expire in certain situations, making it susceptible to unauthorized access. | 8.8 |
| 2024-02-11 | CVE-2024-25718 | Insufficient Session Expiration vulnerability in Dropbox Samly In the Samly package before 1.4.0 for Elixir, Samly.State.Store.get_assertion/3 can return an expired session, which interferes with access control because Samly.AuthHandler uses a cached session and does not replace it, even after expiry. | 9.8 |
| 2023-12-25 | CVE-2023-51772 | Insufficient Session Expiration vulnerability in Oneidentity Password Manager One Identity Password Manager before 5.13.1 allows Kiosk Escape. | 8.8 |
| 2023-12-18 | CVE-2023-4320 | Insufficient Session Expiration vulnerability in Redhat Satellite An arithmetic overflow flaw was found in Satellite when creating a new personal access token. | 7.5 |