CWE-613 (Insufficient Session Expiration) — Vulnerability Class 296

296 vulnerabilities classified as CWE-613 (Insufficient Session Expiration). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-32318 | User session not correctly destroyed on logout — security-advisories | 7.2 | High | 2023-05-26 |
| CVE-2023-31065 | Apache InLong: Insufficient Session Expiration in InLong — Apache InLong | 9.8 | - | 2023-05-22 |
| CVE-2023-31139 | DHIS2 Core unrestricted session cookies with Personal Access Tokens — dhis2-core | 4.3 | Medium | 2023-05-09 |
| CVE-2023-31140 | OpenProject user sessions not terminated after activation of 2FA — openproject | 4.8 | Medium | 2023-05-08 |
| CVE-2020-4914 | IBM Cloud Pak System Software Suite session fixation — Cloud Pak System Software Suite | 4.2 | Medium | 2023-05-05 |
| CVE-2022-38707 | IBM Cognos Command Center information disclosure — Cognos Command Center | 4.0 | Medium | 2023-05-05 |
| CVE-2023-28003 | Schneider Electric EcoStruxure Power Monitoring Expert code issue vulnerability — EcoStruxure Power Monitoring Expert | 6.7 | Medium | 2023-04-18 |
| CVE-2023-1854 | SourceCodester Online Graduate Tracer System session expiration — Online Graduate Tracer System | 4.7 | Medium | 2023-04-05 |
| CVE-2023-1788 | Insufficient Session Expiration in firefly-iii/firefly-iii — firefly-iii/firefly-iii | 9.8 | - | 2023-04-05 |
| CVE-2021-3844 | Rapid7 InsightVM Insufficient Session Expiration — InsightVM | 5.7 | Medium | 2023-03-24 |
| CVE-2023-1543 | Insufficient Session Expiration in answerdev/answer — answerdev/answer | 9.8 | - | 2023-03-21 |
| CVE-2023-22591 | IBM Robotic Process Automation session fixation — Robotic Process Automation | 3.9 | Low | 2023-03-15 |
| CVE-2023-23929 | Refresh tokens do not expire in Vantage6 — vantage6 | 8.8 | High | 2023-03-03 |
| CVE-2022-48317 | Insecure Termination of RestAPI Session Tokens — Checkmk | 5.6 | Medium | 2023-02-20 |
| CVE-2023-25562 | Failure to Invalidate Session on Logout in DataHub — datahub | 6.9 | Medium | 2023-02-10 |
| CVE-2022-34392 | Dell SupportAssist for Home PCs code issue vulnerability — SupportAssist | 5.5 | Medium | 2023-02-10 |
| CVE-2023-23614 | Improper session handling of "Remember me for 7 days" functionality — AdminLTE | 8.8 | High | 2023-01-26 |
| CVE-2023-22732 | Insufficient Session Expiration in Administration in shopware — platform | 3.7 | Low | 2023-01-17 |
| CVE-2023-0227 | Insufficient Session Expiration in pyload/pyload — pyload/pyload | 9.8 | - | 2023-01-12 |
| CVE-2023-22492 | RefreshToken invalidation vulnerability — zitadel | 5.9 | Medium | 2023-01-11 |
| CVE-2022-46177 | Discourse password reset link can lead to in account takeover if user changes to a new email — discourse | 5.7 | Medium | 2023-01-05 |
| CVE-2022-43844 | IBM Robotic Process Automation for Cloud Pak session fixation — Robotic Process Automation for Cloud Pak | 8.1 | - | 2023-01-05 |
| CVE-2022-22371 | IBM Sterling B2B Integrator Standard Edition session fixation — Sterling B2B Integrator Standard Edition | 5.5 | Medium | 2023-01-04 |
| CVE-2022-23502 | TYPO3 contains Insufficient Session Expiration after Password Reset — typo3 | 5.4 | Medium | 2022-12-14 |
| CVE-2022-40228 | IBM DataPower Gateway session fixation — DataPower Gateway | 3.7 | Low | 2022-11-22 |
| CVE-2022-4070 | Insufficient Session Expiration in librenms/librenms — librenms/librenms | 9.8 | - | 2022-11-20 |
| CVE-2022-3362 | Insufficient Session Expiration in ikus060/rdiffweb — ikus060/rdiffweb | 9.8 | - | 2022-11-14 |
| CVE-2022-3867 | Nomad Event Stream Subscriber Using a Token with TTL Receives Updates Until Garbage Collected — Nomad | 2.7 | Low | 2022-11-10 |
| CVE-2022-39234 | user session persists even after permanently deleting account in GLPI — glpi | 4.7 | Medium | 2022-11-03 |
| CVE-2022-41672 | Session still functional after user is deactivated — Apache Airflow | 8.1 | - | 2022-10-07 |

Vulnerabilities classified as CWE-613 (Insufficient Session Expiration) represent 296 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.