Vulnerabilities > Insufficient Session Expiration

DATE CVE VULNERABILITY TITLE RISK
2023-04-05 CVE-2023-1788 Insufficient Session Expiration vulnerability in Firefly-Iii Firefly III
Insufficient Session Expiration in GitHub repository firefly-iii/firefly-iii prior to 6.
network
low complexity
firefly-iii CWE-613
critical
9.8
2023-04-05 CVE-2023-1854 Insufficient Session Expiration vulnerability in Online Graduate Tracer System Project Online Graduate Tracer System 1.0
A vulnerability, which was classified as problematic, was found in SourceCodester Online Graduate Tracer System 1.0.
network
low complexity
online-graduate-tracer-system-project CWE-613
critical
9.8
2023-03-28 CVE-2023-20903 Insufficient Session Expiration vulnerability in Cloudfoundry User Account and Authentication
This disclosure regards a vulnerability related to UAA refresh tokens and external identity providers. Assuming that an external identity provider is linked to the UAA, a refresh token is issued to a client on behalf of a user from that identity provider, the administrator of the UAA deactivates the identity provider from the UAA.
network
low complexity
cloudfoundry CWE-613
4.3
2023-03-24 CVE-2021-3844 Insufficient Session Expiration vulnerability in Rapid7 Insightvm
Rapid7 InsightVM suffers from insufficient session expiration when an administrator performs a security relevant edit on an existing, logged on user.
network
low complexity
rapid7 CWE-613
5.4
2023-03-21 CVE-2023-1543 Insufficient Session Expiration vulnerability in Answer
Insufficient Session Expiration in GitHub repository answerdev/answer prior to 1.0.6.
network
low complexity
answer CWE-613
8.8
2023-03-15 CVE-2023-22591 Insufficient Session Expiration vulnerability in IBM products
IBM Robotic Process Automation 21.0.1 through 21.0.7 and 23.0.0 through 23.0.1 could allow a user with physical access to the system due to session tokens not being invalidated after a password reset.
low complexity
ibm CWE-613
3.2
2023-03-06 CVE-2023-27891 Insufficient Session Expiration vulnerability in Rami Pretix
rami.io pretix before 4.17.1 allows OAuth application authorization from a logged-out session.
network
low complexity
rami CWE-613
7.5
2023-03-04 CVE-2023-23929 Insufficient Session Expiration vulnerability in Vantage6
vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange.
network
low complexity
vantage6 CWE-613
8.8
2023-03-01 CVE-2023-22771 Insufficient Session Expiration vulnerability in Arubanetworks Arubaos and Sd-Wan
An insufficient session expiration vulnerability exists in the ArubaOS command line interface.
network
low complexity
arubanetworks CWE-613
2.4
2023-02-20 CVE-2022-48317 Insufficient Session Expiration vulnerability in Checkmk 2.0.0/2.1.0
Expired sessions were not securely terminated in the RestAPI for Tribe29's Checkmk <= 2.1.0p10 and Checkmk <= 2.0.0p28 allowing an attacker to use expired session tokens when communicating with the RestAPI.
network
low complexity
checkmk CWE-613
critical
9.8