Vulnerabilities > Insufficient Session Expiration
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-01 | CVE-2021-38986 | Insufficient Session Expiration vulnerability in IBM MQ 9.2.0/9.2.0.0/9.2.1.0 IBM MQ Appliance 9.2 CD and 9.2 LTS does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. | 5.4 |
| 2022-02-25 | CVE-2022-24332 | Insufficient Session Expiration vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.2, a logout action didn't remove a Remember Me cookie. | 5.3 |
| 2022-02-25 | CVE-2022-24341 | Insufficient Session Expiration vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.2.1, editing a user account to change its password didn't terminate sessions of the edited user. | 7.5 |
| 2022-01-28 | CVE-2021-22820 | Insufficient Session Expiration vulnerability in Schneider-Electric products A CWE-614 Insufficient Session Expiration vulnerability exists that could allow an attacker to maintain an unauthorized access over a hijacked session to the charger station web server even after the legitimate user account holder has changed his password. | 9.8 |
| 2022-01-26 | CVE-2021-29846 | Insufficient Session Expiration vulnerability in IBM Security Guardium Insights 3.0.0 IBM Security Guardium Insights 3.0 could allow an authenticated user to obtain sensitive information due to insufficient session expiration. | 2.7 |
| 2022-01-18 | CVE-2021-37866 | Insufficient Session Expiration vulnerability in Mattermost Boards 0.10.0 Mattermost Boards plugin v0.10.0 and earlier fails to invalidate a session on the server-side when a user logged out of Boards, which allows an attacker to reuse old session token for authorization. | 7.5 |
| 2022-01-13 | CVE-2022-22113 | Insufficient Session Expiration vulnerability in Daybydaycrm Daybyday In DayByDay CRM, versions 2.2.0 through 2.2.1 (latest) are vulnerable to Insufficient Session Expiration. | 8.8 |
| 2022-01-10 | CVE-2022-22283 | Insufficient Session Expiration vulnerability in Samsung Health 6.16/6.17/6.19.1.0001 Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging out from Samsung Health App. | 3.3 |
| 2022-01-05 | CVE-2022-21652 | Insufficient Session Expiration vulnerability in Shopware Shopware is an open source e-commerce software platform. | 8.1 |
| 2022-01-03 | CVE-2021-25981 | Insufficient Session Expiration vulnerability in Talkyard In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. | 9.8 |