Vulnerabilities > Insufficient Session Expiration
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-17 | CVE-2021-20581 | Insufficient Session Expiration vulnerability in IBM Security Verify Privilege On-Premises IBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain sensitive information due to insufficient session expiration. | 4.3 |
| 2023-10-17 | CVE-2023-45659 | Insufficient Session Expiration vulnerability in Engelsystem 2.0.0/3.0.0 Engelsystem is a shift planning system for chaos events. | 2.8 |
| 2023-10-13 | CVE-2023-33303 | Insufficient Session Expiration vulnerability in Fortinet Fortiedr 5.0.0/5.0.1 A insufficient session expiration in Fortinet FortiEDR version 5.0.0 through 5.0.1 allows attacker to execute unauthorized code or commands via api request | 8.1 |
| 2023-10-10 | CVE-2023-40537 | Insufficient Session Expiration vulnerability in F5 products An authenticated user's session cookie may remain valid for a limited time after logging out from the BIG-IP Configuration utility on a multi-blade VIPRION platform. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 8.1 |
| 2023-10-10 | CVE-2023-42768 | Insufficient Session Expiration vulnerability in F5 products When a non-admin user has been assigned an administrator role via an iControl REST PUT request and later the user's role is reverted back to a non-admin role via the Configuration utility, tmsh, or iControl REST. | 7.2 |
| 2023-09-20 | CVE-2022-3916 | Insufficient Session Expiration vulnerability in Redhat products A flaw was found in the offline_access scope in Keycloak. | 6.8 |
| 2023-09-12 | CVE-2023-40732 | Insufficient Session Expiration vulnerability in Siemens QMS Automotive 12.30 A vulnerability has been identified in QMS Automotive (All versions < V12.39). | 3.9 |
| 2023-08-30 | CVE-2023-41041 | Insufficient Session Expiration vulnerability in Graylog Graylog is a free and open log management platform. | 3.1 |
| 2023-08-23 | CVE-2023-40178 | Insufficient Session Expiration vulnerability in Node Saml Project Node Saml Node-SAML is a SAML library not dependent on any frameworks that runs in Node. | 5.3 |
| 2023-08-23 | CVE-2023-40025 | Insufficient Session Expiration vulnerability in Linuxfoundation Argo-Cd Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. | 7.1 |