CWE-613 (不充分的会话过期机制) — Vulnerability Class 296

296 vulnerabilities classified as CWE-613 (不充分的会话过期机制). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-38382	IBM Cloud Pak for Security session fixation — QRadar Suite Software	4.7	Medium	2024-08-13
CVE-2024-42447	Apache Airflow Providers FAB: FAB provider 1.2.1 and 1.2.0 did not let user to logout for Airflow — Apache Airflow Providers FAB	9.1^AI	Critical^AI	2024-08-05
CVE-2023-26288	IBM Aspera Orchestrator session fixation — Aspera Orchestrator	5.5	Medium	2024-07-30
CVE-2022-32759	IBM Security Directory Server information disclosure — Security Directory Integrator	5.3	Medium	2024-07-25
CVE-2024-29070	Apache StreamPark: session not invalidated after logout — Apache StreamPark	6.5^AI	Medium^AI	2024-07-23
CVE-2024-41827	JetBrains TeamCity 安全漏洞 — TeamCity	7.4	High	2024-07-22
CVE-2024-27782	Fortinet FortiAIOps 代码问题漏洞 — FortiAIOps	7.7	High	2024-07-09
CVE-2024-5995	Soar Cloud HR Portal - Insufficient Session Expiration — HR Portal	8.8	High	2024-06-14
CVE-2024-35206	Siemens SINEC Traffic Analyzer 代码问题漏洞 — SINEC Traffic Analyzer	7.7	High	2024-06-11
CVE-2024-4680	Insufficient Session Expiration in zenml-io/zenml — zenml-io/zenml	9.1	-	2024-06-08
CVE-2024-35220	@fastify/session reuses destroyed session cookie — session	7.4	High	2024-05-21
CVE-2024-34709	Directus Lacks Session Tokens Invalidation — directus	5.4	Medium	2024-05-13
CVE-2023-40695	IBM Cognos Controller session fixation — Cognos Controller	6.3	Medium	2024-05-03
CVE-2024-22358	IBM UrbanCode Deploy session fixation — UrbanCode Deploy	6.3	Medium	2024-04-12
CVE-2024-31999	@fastify/secure-session: Reuse of destroyed secure session cookie — fastify-secure-session	7.4	High	2024-04-10
CVE-2024-31995	zcap has incomplete expiration checks in capability chains. — zcap	4.3	Medium	2024-04-10
CVE-2024-30262	Contao's remember-me tokens will not be cleared after a password change — contao	5.9	Medium	2024-04-09
CVE-2024-31447	Shopware has Improper Session Handling in store-api — shopware	5.3	Medium	2024-04-08
CVE-2024-25954	Dell PowerScale OneFS 代码问题漏洞 — PowerScale OneFS	5.3	Medium	2024-03-28
CVE-2024-1623	Insufficient session timeout vulnerability in Sagemcom router — FAST3686 V2 Vodafone	7.7	High	2024-03-14
CVE-2023-45600	AiLux imx6 安全漏洞 — imx6 bundle	5.6	Medium	2024-03-05
CVE-2024-21722	[20240201] - Core - Insufficient session expiration in MFA management views — Joomla! CMS	4.3	-	2024-02-20
CVE-2023-50270	Apache DolphinScheduler: Session do not expire after password change — Apache DolphinScheduler	9.1^AI	Critical^AI	2024-02-20
CVE-2024-21492	caddy-security 安全漏洞 — github.com/greenpau/caddy-security	4.8	Medium	2024-02-17
CVE-2024-25628	Insufficient Session Expiration in alf.io — alf.io	7.6	High	2024-02-16
CVE-2024-25619	Destroying OAuth Applications doesn't notify Streaming of Access Tokens being destroyed in mastodon — mastodon	3.1	Low	2024-02-14
CVE-2024-0008	PAN-OS: Insufficient Session Expiration Vulnerability in the Web Interface — PAN-OS	6.6	Medium	2024-02-14
CVE-2024-22389	BIG-IP iControl REST API Vulnerability — BIG-IP	7.2	High	2024-02-14
CVE-2023-45187	IBM Engineering Lifecycle Optimization - Publishing session fixation — Engineering Lifecycle Optimization - Publishing	6.3	Medium	2024-02-09
CVE-2023-50936	IBM PowerSC session fixation — PowerSC	6.3	Medium	2024-02-02

Vulnerabilities classified as CWE-613 (不充分的会话过期机制) represent 296 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-613 (不充分的会话过期机制) — Vulnerability Class 296