Vulnerabilities > Insufficient Session Expiration
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-05 | CVE-2023-0041 | Insufficient Session Expiration vulnerability in IBM Security Guardium 11.5 IBM Security Guardium 11.5 could allow a user to take over another user's session due to insufficient session expiration. | 8.8 |
2023-05-26 | CVE-2023-32318 | Insufficient Session Expiration vulnerability in Nextcloud Server Nextcloud server provides a home for data. | 6.7 |
2023-05-16 | CVE-2023-33005 | Insufficient Session Expiration vulnerability in Jenkins Wso2 Oauth 1.0 Jenkins WSO2 Oauth Plugin 1.0 and earlier does not invalidate the previous session on login. | 5.4 |
2023-05-05 | CVE-2022-38707 | Insufficient Session Expiration vulnerability in IBM Cognos Command Center 10.2.4.1 IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration. | 5.5 |
2023-05-02 | CVE-2023-30403 | Insufficient Session Expiration vulnerability in Aigital Wireless-N Repeater Mini Router Firmware 0.131229 An issue in the time-based authentication mechanism of Aigital Aigital Wireless-N Repeater Mini_Router v0.131229 allows attackers to bypass login by connecting to the web app after a successful attempt by a legitimate user. | 7.5 |
2023-04-16 | CVE-2022-37186 | Insufficient Session Expiration vulnerability in Lemonldap-Ng Lemonldap::Ng In LemonLDAP::NG before 2.0.15. | 5.9 |
2023-03-28 | CVE-2023-20903 | Insufficient Session Expiration vulnerability in Cloudfoundry User Account and Authentication This disclosure regards a vulnerability related to UAA refresh tokens and external identity providers.Assuming that an external identity provider is linked to the UAA, a refresh token is issued to a client on behalf of a user from that identity provider, the administrator of the UAA deactivates the identity provider from the UAA. | 4.3 |
2023-03-24 | CVE-2021-3844 | Insufficient Session Expiration vulnerability in Rapid7 Insightvm Rapid7 InsightVM suffers from insufficient session expiration when an administrator performs a security relevant edit on an existing, logged on user. | 5.4 |
2023-03-21 | CVE-2023-1543 | Insufficient Session Expiration vulnerability in Answer Insufficient Session Expiration in GitHub repository answerdev/answer prior to 1.0.6. | 8.8 |
2023-03-06 | CVE-2023-27891 | Insufficient Session Expiration vulnerability in Rami Pretix rami.io pretix before 4.17.1 allows OAuth application authorization from a logged-out session. | 7.5 |