Vulnerabilities > Insufficient Session Expiration

DATE	CVE	VULNERABILITY TITLE	RISK
2023-05-16	CVE-2023-33005	Insufficient Session Expiration vulnerability in Jenkins Wso2 Oauth 1.0 Jenkins WSO2 Oauth Plugin 1.0 and earlier does not invalidate the previous session on login. network low complexity jenkins CWE-613	5.4
2023-05-05	CVE-2020-4914	Insufficient Session Expiration vulnerability in IBM Cloud PAK System IBM Cloud Pak System Suite 2.3.3.0 through 2.3.3.5 does not invalidate session after logout which could allow a local user to impersonate another user on the system. local low complexity ibm CWE-613	4.2
2023-05-05	CVE-2022-38707	Insufficient Session Expiration vulnerability in IBM Cognos Command Center 10.2.4.1 IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration. local low complexity ibm CWE-613	5.5
2023-05-02	CVE-2023-30403	Insufficient Session Expiration vulnerability in Aigital Wireless-N Repeater Mini Router Firmware 0.131229 An issue in the time-based authentication mechanism of Aigital Aigital Wireless-N Repeater Mini_Router v0.131229 allows attackers to bypass login by connecting to the web app after a successful attempt by a legitimate user. network low complexity aigital CWE-613	7.5
2023-04-16	CVE-2022-37186	Insufficient Session Expiration vulnerability in Lemonldap-Ng Lemonldap::Ng In LemonLDAP::NG before 2.0.15. network high complexity lemonldap-ng CWE-613	5.9
2023-03-28	CVE-2023-20903	Insufficient Session Expiration vulnerability in Cloudfoundry User Account and Authentication This disclosure regards a vulnerability related to UAA refresh tokens and external identity providers.Assuming that an external identity provider is linked to the UAA, a refresh token is issued to a client on behalf of a user from that identity provider, the administrator of the UAA deactivates the identity provider from the UAA. network low complexity cloudfoundry CWE-613	4.3
2023-03-24	CVE-2021-3844	Insufficient Session Expiration vulnerability in Rapid7 Insightvm Rapid7 InsightVM suffers from insufficient session expiration when an administrator performs a security relevant edit on an existing, logged on user. network low complexity rapid7 CWE-613	5.4
2023-03-21	CVE-2023-1543	Insufficient Session Expiration vulnerability in Answer Insufficient Session Expiration in GitHub repository answerdev/answer prior to 1.0.6. network low complexity answer CWE-613	8.8
2023-03-06	CVE-2023-27891	Insufficient Session Expiration vulnerability in Rami Pretix rami.io pretix before 4.17.1 allows OAuth application authorization from a logged-out session. network low complexity rami CWE-613	7.5
2023-03-01	CVE-2023-22771	Insufficient Session Expiration vulnerability in Arubanetworks Arubaos and Sd-Wan An insufficient session expiration vulnerability exists in the ArubaOS command line interface. network low complexity arubanetworks CWE-613	2.4