Vulnerabilities > Insufficient Session Expiration
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-20 | CVE-2022-22318 | Insufficient Session Expiration vulnerability in IBM Curam Social Program Management 8.0.0/8.0.1 IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. | 9.8 |
| 2022-06-13 | CVE-2022-2064 | Insufficient Session Expiration vulnerability in Xgenecloud Nocodb Insufficient Session Expiration in GitHub repository nocodb/nocodb prior to 0.91.7+. | 8.8 |
| 2022-06-02 | CVE-2022-30277 | Insufficient Session Expiration vulnerability in BD Synapsys 4.20/4.30 BD Synapsys™, versions 4.20, 4.20 SR1, and 4.30, contain an insufficient session expiration vulnerability. | 5.7 |
| 2022-05-17 | CVE-2022-23669 | Insufficient Session Expiration vulnerability in Arubanetworks Clearpass Policy Manager A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. | 8.8 |
| 2022-05-10 | CVE-2022-24042 | Insufficient Session Expiration vulnerability in Siemens products A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). | 9.1 |
| 2022-05-06 | CVE-2021-27751 | Insufficient Session Expiration vulnerability in Hcltechsw HCL Commerce HCL Commerce is affected by an Insufficient Session Expiration vulnerability. | 3.3 |
| 2022-04-01 | CVE-2021-3461 | Insufficient Session Expiration vulnerability in Redhat Keycloak and Single Sign-On A flaw was found in keycloak where keycloak may fail to logout user session if the logout request comes from external SAML identity provider and Principal Type is set to Attribute [Name]. | 7.1 |
| 2022-03-25 | CVE-2022-25590 | Insufficient Session Expiration vulnerability in Surveyking 0.2.0 SurveyKing v0.2.0 was discovered to retain users' session cookies after logout, allowing attackers to login to the system and access data using the browser cache when the user exits the application. | 6.5 |
| 2022-03-19 | CVE-2022-0991 | Insufficient Session Expiration vulnerability in Admidio Insufficient Session Expiration in GitHub repository admidio/admidio prior to 4.1.9. | 7.1 |
| 2022-03-14 | CVE-2022-24743 | Insufficient Session Expiration vulnerability in Sylius Sylius is an open source eCommerce platform. | 8.2 |