Vulnerabilities > Insufficient Session Expiration

DATE CVE VULNERABILITY TITLE RISK
2022-08-01 CVE-2022-30699 Insufficient Session Expiration vulnerability in multiple products
NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack.
network
low complexity
nlnetlabs fedoraproject CWE-613
6.5
2022-07-12 CVE-2022-33137 Insufficient Session Expiration vulnerability in Siemens products
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3).
network
low complexity
siemens CWE-613
8.0
2022-06-20 CVE-2022-22317 Insufficient Session Expiration vulnerability in IBM Curam Social Program Management 8.0.0/8.0.1
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
network
low complexity
ibm CWE-613
critical
9.8
2022-06-20 CVE-2022-22318 Insufficient Session Expiration vulnerability in IBM Curam Social Program Management 8.0.0/8.0.1
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
network
low complexity
ibm CWE-613
critical
9.8
2022-06-13 CVE-2022-2064 Insufficient Session Expiration vulnerability in Xgenecloud Nocodb
Insufficient Session Expiration in GitHub repository nocodb/nocodb prior to 0.91.7+.
network
low complexity
xgenecloud CWE-613
8.8
2022-06-02 CVE-2022-30277 Insufficient Session Expiration vulnerability in BD Synapsys 4.20/4.30
BD Synapsys™, versions 4.20, 4.20 SR1, and 4.30, contain an insufficient session expiration vulnerability.
low complexity
bd CWE-613
5.7
2022-05-17 CVE-2022-23669 Insufficient Session Expiration vulnerability in Arubanetworks Clearpass Policy Manager
A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-613
8.8
2022-05-10 CVE-2022-24042 Insufficient Session Expiration vulnerability in Siemens products
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884).
network
low complexity
siemens CWE-613
critical
9.1
2022-05-06 CVE-2021-27751 Insufficient Session Expiration vulnerability in Hcltechsw HCL Commerce
HCL Commerce is affected by an Insufficient Session Expiration vulnerability.
local
low complexity
hcltechsw CWE-613
3.3
2022-04-01 CVE-2021-3461 Insufficient Session Expiration vulnerability in Redhat Keycloak and Single Sign-On
A flaw was found in keycloak where keycloak may fail to logout user session if the logout request comes from external SAML identity provider and Principal Type is set to Attribute [Name].
local
low complexity
redhat CWE-613
7.1