Description
According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."
CVE vulnerabilities with CWE-613 (643)
10.0
CVSS
CRITICAL
CVE-2024-8888
pub. 2024-09-18
9.8
CVSS
CRITICAL
CVE-2025-59841
pub. 2025-09-25
9.8
CVSS
CRITICAL
CVE-2024-13280
pub. 2025-01-09
9.8
CVSS
CRITICAL
CVE-2024-42447
pub. 2024-08-05
9.8
CVSS
CRITICAL
CVE-2024-29401
pub. 2024-03-26
9.8
CVSS
CRITICAL
CVE-2024-25718
pub. 2024-02-11
9.8
CVSS
CRITICAL
CVE-2023-5865
pub. 2023-10-31
9.8
CVSS
CRITICAL
CVE-2023-5838
pub. 2023-10-29
9.8
CVSS
CRITICAL
CVE-2023-4005
pub. 2023-07-31
9.8
CVSS
CRITICAL
CVE-2023-35857
pub. 2023-06-19
9.8
CVSS
CRITICAL
CVE-2023-1788
pub. 2023-04-05
9.8
CVSS
CRITICAL
CVE-2022-36179
pub. 2022-11-22
9.8
CVSS
CRITICAL
CVE-2022-4070
pub. 2022-11-20
9.8
CVSS
CRITICAL
CVE-2022-3362
pub. 2022-11-14
9.8
CVSS
CRITICAL
CVE-2022-2713
pub. 2022-08-08
9.8
CVSS
CRITICAL
CVE-2022-22317
pub. 2022-06-20
9.8
CVSS
CRITICAL
CVE-2022-22318
pub. 2022-06-20
9.8
CVSS
CRITICAL
CVE-2021-25992
pub. 2022-02-10
9.8
CVSS
CRITICAL
CVE-2021-22820
pub. 2022-01-28
9.8
CVSS
CRITICAL
CVE-2021-25981
pub. 2022-01-03
Showing 20 of 643 vulnerabilities