CWE-613 (不充分的会话过期机制) — Vulnerability Class 296

296 vulnerabilities classified as CWE-613 (不充分的会话过期机制). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-1968	Progress Sitefinity 代码问题漏洞 — Sitefinity	7.7	High	2025-04-09
CVE-2024-25051	IBM Jazz Reporting Service insufficient session expiration — Jazz Reporting Service	6.6	Medium	2025-04-02
CVE-2025-2596	Session logout can be overwritten by long lasting request — Checkmk	7.1^AI	High^AI	2025-03-26
CVE-2025-1198	Insufficient Session Expiration in GitLab — GitLab	4.2	Medium	2025-02-13
CVE-2025-24973	Concorde not removing authentication tokens after logging out — concorde	9.4	Critical	2025-02-11
CVE-2025-24896	Misskey allows token to remain valid in cookie after signing out — misskey	8.1	High	2025-02-11
CVE-2024-45386	Siemens SIMATIC PCS和Siemens TIA Administrator 代码问题漏洞 — SIMATIC PCS neo V4.0	8.8	High	2025-02-11
CVE-2024-13280	Persistent Login - Moderately critical - Access bypass - SA-CONTRIB-2024-044 — Persistent Login	9.1	-	2025-01-09
CVE-2024-45033	Apache Airflow Fab Provider: Application does not invalidate session after password change via Airflow cli — Apache Airflow Fab Provider	8.8	-	2025-01-08
CVE-2024-11627	Progress Sitefinity 安全漏洞 — Sitefinity	6.8	Medium	2025-01-07
CVE-2025-22386	Optimizely Configured Commerce 安全漏洞 — n/a	5.3	-	2025-01-04
CVE-2024-56413	Acronis Cyber Protect 代码问题漏洞 — Acronis Cyber Protect 16	9.1	-	2025-01-02
CVE-2024-56351	JetBrains TeamCity 代码问题漏洞 — TeamCity	6.3	Medium	2024-12-20
CVE-2024-55603	Insufficient session invalidation in Kanboard — kanboard	6.5	Medium	2024-12-18
CVE-2024-12667	InvoicePlane view session expiration — InvoicePlane	3.7	Low	2024-12-16
CVE-2024-11668	Insufficient Session Expiration in GitLab — GitLab	4.2	Medium	2024-11-26
CVE-2024-35160	IBM Watson Query on Cloud Pak for Data and IBM Db2 Big SQL on Cloud Pak for Data information disclosure — Watson Query for Cloud Pak for Data	4.3	Medium	2024-11-23
CVE-2024-11208	Apereo CAS login session expiration — CAS	3.7	Low	2024-11-14
CVE-2024-46892	Siemens SINEC INS 代码问题漏洞 — SINEC INS	4.9	Medium	2024-11-12
CVE-2024-52311	data.all does not invalidate authentication token upon user logout — data.all	6.3	Medium	2024-11-09
CVE-2024-48926	Umbraco CMS logout page displayed before session expiration — Umbraco-CMS	4.2	Medium	2024-10-22
CVE-2024-45462	Apache CloudStack: Incomplete session invalidation on web interface logout — Apache CloudStack	6.3	Medium	2024-10-16
CVE-2024-43685	Session token fixation in TimeProvider 4100 — TimeProvider 4100	8.8	-	2024-10-04
CVE-2024-23586	An insufficient session timeout vulnerability affects HCL Nomad server on Domino — Nomad server on Domino	5.3	Medium	2024-09-27
CVE-2024-8888	Insufficient Session Expiration vulnerability on CIRCUTOR Q-SMT — CIRCUTOR Q-SMT	10.0	Critical	2024-09-18
CVE-2024-38315	IBM Aspera Shares session fixation — Aspera Shares	6.3	Medium	2024-09-16
CVE-2024-32006	Siemens SINEMA Remote Connect 安全漏洞 — SINEMA Remote Connect Client	4.3	Medium	2024-09-10
CVE-2024-45187	Mage AI allows deleted users to use the terminal server with admin access, leading to remote code execution	7.1	High	2024-08-23
CVE-2024-39809	BIG-IP Next Central Manager vulnerability — BIG-IP Next Central Manager	7.5	High	2024-08-14
CVE-2022-45862	Fortinet多款产品代码问题漏洞 — FortiPAM	3.5	Low	2024-08-13

Vulnerabilities classified as CWE-613 (不充分的会话过期机制) represent 296 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-613 (不充分的会话过期机制) — Vulnerability Class 296