CWE-613
Insufficient Session Expiration
According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."
CVE-2023-4320 (GCVE-0-2023-4320)
Vulnerability from cvelistv5
Published
2023-12-18 13:43
Modified
2025-08-30 11:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-613 - Insufficient Session Expiration
Summary
An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2024:2010 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/security/cve/CVE-2023-4320 | vdb-entry, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2231814 | issue-tracking, x_refsource_REDHAT |
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Red Hat | Red Hat Satellite 6.15 for RHEL 8 |
Unaffected: 0:3.9.1.6-1.el8sat < * cpe:/a:redhat:satellite_capsule:6.15::el8 cpe:/a:redhat:satellite_utils:6.15::el8 cpe:/a:redhat:satellite_maintenance:6.15::el8 cpe:/a:redhat:satellite:6.15::el8 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:24:04.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2024:2010",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2010"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4320"
},
{
"name": "RHBZ#2231814",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231814"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_capsule:6.15::el8",
"cpe:/a:redhat:satellite_utils:6.15::el8",
"cpe:/a:redhat:satellite_maintenance:6.15::el8",
"cpe:/a:redhat:satellite:6.15::el8"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.15 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.9.1.6-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_capsule:6.15::el8",
"cpe:/a:redhat:satellite_utils:6.15::el8",
"cpe:/a:redhat:satellite_maintenance:6.15::el8",
"cpe:/a:redhat:satellite:6.15::el8"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.15 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.9.1.6-1.el8sat",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite_capsule:6.15::el8",
"cpe:/a:redhat:satellite_utils:6.15::el8",
"cpe:/a:redhat:satellite_maintenance:6.15::el8",
"cpe:/a:redhat:satellite:6.15::el8"
],
"defaultStatus": "affected",
"packageName": "foreman",
"product": "Red Hat Satellite 6.15 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.9.1.6-1.el8sat",
"versionType": "rpm"
}
]
}
],
"datePublic": "2023-08-14T09:03:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system\u0027s integrity."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-30T11:45:57.889Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:2010",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2010"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4320"
},
{
"name": "RHBZ#2231814",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231814"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-08-14T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-08-14T09:03:00+00:00",
"value": "Made public."
}
],
"title": "Satellite: arithmetic overflow in satellite",
"x_redhatCweChain": "CWE-613: Insufficient Session Expiration"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-4320",
"datePublished": "2023-12-18T13:43:07.747Z",
"dateReserved": "2023-08-14T08:42:02.181Z",
"dateUpdated": "2025-08-30T11:45:57.889Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22351 (GCVE-0-2024-22351)
Vulnerability from cvelistv5
Published
2025-04-23 22:15
Modified
2025-09-01 00:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-613 - Insufficient Session Expiration
Summary
IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/7229921 | vendor-advisory, patch |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | InfoSphere Information Server |
Version: 11.7 cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22351",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-24T12:56:02.437235Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T13:07:16.945Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "InfoSphere Information Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "11.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system."
}
],
"value": "IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-01T00:37:57.724Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7229921"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM InfoSphere Information Server session fixation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-22351",
"datePublished": "2025-04-23T22:15:49.142Z",
"dateReserved": "2024-01-08T23:42:25.451Z",
"dateUpdated": "2025-09-01T00:37:57.724Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25051 (GCVE-0-2024-25051)
Vulnerability from cvelistv5
Published
2025-04-02 14:57
Modified
2025-09-01 10:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-613 - Insufficient Session Expiration
Summary
IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated privileged user to impersonate another user on the system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/7229760 | vendor-advisory, patch |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Jazz Reporting Service |
Version: 7.0.2 Version: 7.0.3 cpe:2.3:a:ibm:jazz_reporting_service:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25051",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-02T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T03:55:28.941Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:jazz_reporting_service:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:jazz_reporting_service:7.0.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Jazz Reporting Service",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.0.2"
},
{
"status": "affected",
"version": "7.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated privileged user to impersonate another user on the system."
}
],
"value": "IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated privileged user to impersonate another user on the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-01T10:14:53.515Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7229760"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Jazz Reporting Service insufficient session expiration",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-25051",
"datePublished": "2025-04-02T14:57:12.391Z",
"dateReserved": "2024-02-03T14:49:33.094Z",
"dateUpdated": "2025-09-01T10:14:53.515Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27779 (GCVE-0-2024-27779)
Vulnerability from cvelistv5
Published
2025-07-18 07:58
Modified
2025-07-19 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-613 - Improper access control
Summary
An insufficient session expiration vulnerability [CWE-613] in FortiSandbox FortiSandbox version 4.4.4 and below, version 4.2.6 and below, 4.0 all versions, 3.2 all versions and FortiIsolator version 2.4 and below, 2.3 all versions, 2.2 all versions, 2.1 all versions, 2.0 all versions, 1.2 all versions may allow a remote attacker in possession of an admin session cookie to keep using that admin's session even after the admin user was deleted.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiSandbox |
Version: 4.4.0 ≤ 4.4.4 Version: 4.2.0 ≤ 4.2.6 Version: 4.0.0 ≤ 4.0.6 Version: 3.2.0 ≤ 3.2.4 cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:4.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:3.2.0:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27779",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-18T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-19T03:55:13.564Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:4.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisandbox:3.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSandbox",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "4.4.4",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.2.6",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.0.6",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.2.4",
"status": "affected",
"version": "3.2.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiisolator:2.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiisolator:2.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiisolator:2.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiisolator:2.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiisolator:2.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiisolator:2.3.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiisolator:2.3.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiisolator:2.3.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiisolator:2.3.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiisolator:2.3.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiisolator:2.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiisolator:2.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiisolator:2.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiisolator:2.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiisolator:2.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiisolator:2.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiisolator:1.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiisolator:1.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiisolator:1.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiIsolator",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "2.4.4",
"status": "affected",
"version": "2.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.3.4",
"status": "affected",
"version": "2.3.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "2.2.0"
},
{
"lessThanOrEqual": "2.1.2",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.1",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.2",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An insufficient session expiration vulnerability [CWE-613] in FortiSandbox FortiSandbox version 4.4.4 and below, version 4.2.6 and below, 4.0 all versions, 3.2 all versions and FortiIsolator version 2.4 and below, 2.3 all versions, 2.2 all versions, 2.1 all versions, 2.0 all versions, 1.2 all versions may allow a remote attacker in possession of an admin session cookie to keep using that admin\u0027s session even after the admin user was deleted."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-18T07:58:23.943Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-035",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-035"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiSandbox version 4.4.5 or above \nPlease upgrade to FortiSandbox version 4.2.7 or above \nPlease upgrade to FortiIsolator version 2.4.5 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-27779",
"datePublished": "2025-07-18T07:58:23.943Z",
"dateReserved": "2024-02-26T14:46:31.334Z",
"dateUpdated": "2025-07-19T03:55:13.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41985 (GCVE-0-2024-41985)
Vulnerability from cvelistv5
Published
2025-08-12 11:16
Modified
2025-08-12 19:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-613 - Insufficient Session Expiration
Summary
A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < V2506), SOA Cockpit (All versions >= V13.2 < V2506). The affected application does not expire the session without logout. This could allow an attacker to get unauthorized access if the session is left idle.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SmartClient modules Opcenter QL Home (SC) |
Version: V13.2 < V2506 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41985",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-12T19:24:10.939392Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T19:25:28.707Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SmartClient modules Opcenter QL Home (SC)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2506",
"status": "affected",
"version": "V13.2",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SOA Audit",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2506",
"status": "affected",
"version": "V13.2",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SOA Cockpit",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2506",
"status": "affected",
"version": "V13.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions \u003e= V13.2 \u003c V2506), SOA Audit (All versions \u003e= V13.2 \u003c V2506), SOA Cockpit (All versions \u003e= V13.2 \u003c V2506). The affected application does not expire the session without logout. This could allow an attacker to get unauthorized access if the session is left idle."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 2.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613: Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T11:16:41.301Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-382999.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-41985",
"datePublished": "2025-08-12T11:16:41.301Z",
"dateReserved": "2024-07-25T12:46:30.322Z",
"dateUpdated": "2025-08-12T19:25:28.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43685 (GCVE-0-2024-43685)
Vulnerability from cvelistv5
Published
2024-10-04 19:48
Modified
2025-08-29 20:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-613 - Insufficient Session Expiration
Summary
Improper Authentication vulnerability in Microchip TimeProvider 4100 (login modules) allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 before 2.4.7.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microchip | TimeProvider 4100 |
Version: 1.0 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:microchip:timeprovider_4100_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "timeprovider_4100_firmware",
"vendor": "microchip",
"versions": [
{
"lessThan": "2.4.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43685",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T21:24:58.808883Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T22:15:46.343Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"login"
],
"product": "TimeProvider 4100",
"vendor": "Microchip",
"versions": [
{
"lessThan": "2.4.7",
"status": "affected",
"version": "1.0",
"versionType": "firmware"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Armando Huesca Prida"
},
{
"lang": "en",
"type": "finder",
"value": "Marco Negro"
},
{
"lang": "en",
"type": "finder",
"value": "Antonio Carriero"
},
{
"lang": "en",
"type": "finder",
"value": "Vito Pistillo"
},
{
"lang": "en",
"type": "finder",
"value": "Davide Renna"
},
{
"lang": "en",
"type": "finder",
"value": "Manuel Leone"
},
{
"lang": "en",
"type": "finder",
"value": "Massimiliano Brolli"
},
{
"lang": "en",
"type": "reporter",
"value": "TIM Security Red Team Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Authentication vulnerability in Microchip TimeProvider 4100 (login modules) allows Session Hijacking.\u003cp\u003eThis issue affects TimeProvider 4100: from 1.0 before 2.4.7.\u003c/p\u003e"
}
],
"value": "Improper Authentication vulnerability in Microchip TimeProvider 4100 (login modules) allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 before 2.4.7."
}
],
"impacts": [
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593 Session Hijacking"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:H/R:U/V:C/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T20:21:47.659Z",
"orgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"shortName": "Microchip"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/timeprovider-4100-grandmaster-session-token-fixation"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.gruppotim.it/it/footer/red-team.html"
}
],
"source": {
"advisory": "PSIRT-86",
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-06-27T11:03:00.000Z",
"value": "Reported"
}
],
"title": "Session token fixation in TimeProvider 4100",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is important to note that the web interface is only available on a \nphysically separate management port and these vulnerabilities have no \nimpact on the timing service ports. For added security, users have the \noption to disable the web interface, further protecting the device from \npotential web-based exploitations.\n\n\u003cbr\u003e"
}
],
"value": "It is important to note that the web interface is only available on a \nphysically separate management port and these vulnerabilities have no \nimpact on the timing service ports. For added security, users have the \noption to disable the web interface, further protecting the device from \npotential web-based exploitations."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"assignerShortName": "Microchip",
"cveId": "CVE-2024-43685",
"datePublished": "2024-10-04T19:48:53.595Z",
"dateReserved": "2024-08-14T15:39:44.265Z",
"dateUpdated": "2025-08-29T20:21:47.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45651 (GCVE-0-2024-45651)
Vulnerability from cvelistv5
Published
2025-04-18 11:04
Modified
2025-09-01 00:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-613 - Insufficient Session Expiration
Summary
IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0
does not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/7231178 | vendor-advisory, patch |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Sterling Connect:Direct Web Services |
Version: 6.1.0 Version: 6.2.0 Version: 6.3.0 cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.1.0.0:*:*:*:*:windows:*:* cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.2.0.0:*:*:*:*:windows:*:* cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.3.0.0:*:*:*:*:windows:*:* cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.1.0.0:*:*:*:*:unix:*:* cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.2.0.0:*:*:*:*:unix:*:* cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.3.0.0:*:*:*:*:unix:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45651",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T11:26:24.430299Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-18T11:26:34.773Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.1.0.0:*:*:*:*:windows:*:*",
"cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.2.0.0:*:*:*:*:windows:*:*",
"cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.3.0.0:*:*:*:*:windows:*:*",
"cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.1.0.0:*:*:*:*:unix:*:*",
"cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.2.0.0:*:*:*:*:unix:*:*",
"cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.3.0.0:*:*:*:*:unix:*:*"
],
"defaultStatus": "unaffected",
"product": "Sterling Connect:Direct Web Services",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1.0"
},
{
"status": "affected",
"version": "6.2.0"
},
{
"status": "affected",
"version": "6.3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003edoes not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system.\u003c/span\u003e"
}
],
"value": "IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 \n\ndoes not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-01T00:41:10.652Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7231178"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Sterling Connect:Direct Web Services session fixation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-45651",
"datePublished": "2025-04-18T11:04:55.508Z",
"dateReserved": "2024-09-03T13:50:26.295Z",
"dateUpdated": "2025-09-01T00:41:10.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-49825 (GCVE-0-2024-49825)
Vulnerability from cvelistv5
Published
2025-04-14 14:53
Modified
2025-09-01 00:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-613 - Insufficient Session Expiration
Summary
IBM Robotic Process Automation and Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.20 and 23.0.0 through 23.0.20 does not invalidate session after a logout which could allow an authenticated user to impersonate another user on the system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/7230848 | vendor-advisory, patch |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | IBM | Robotic Process Automation |
Version: 21.0.0 ≤ 21.0.7.20 Version: 23.0.0 ≤ 23.0.20 cpe:2.3:a:ibm:robotic_process_automation:21.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:robotic_process_automation:21.0.7.20:*:*:*:*:*:*:* cpe:2.3:a:ibm:robotic_process_automation:23.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:robotic_process_automation:23.0.20:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49825",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T15:03:12.570664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T15:03:24.518Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:robotic_process_automation:21.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:robotic_process_automation:21.0.7.20:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:robotic_process_automation:23.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:robotic_process_automation:23.0.20:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Robotic Process Automation",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "21.0.7.20",
"status": "affected",
"version": "21.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "23.0.20",
"status": "affected",
"version": "23.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:ibm:robotic_process_automation_for_cloud_pak:21.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:robotic_process_automation_for_cloud_pak:21.0.7.20:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:robotic_process_automation_for_cloud_pak:23.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:robotic_process_automation_for_cloud_pak:23.0.20:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Robotic Process Automation for Cloud Pak",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "21.0.7.20",
"status": "affected",
"version": "21.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "23.0.20",
"status": "affected",
"version": "23.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Robotic Process Automation and Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.20 and 23.0.0 through 23.0.20 does not invalidate session after a logout which could allow an authenticated user to impersonate another user on the system."
}
],
"value": "IBM Robotic Process Automation and Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.20 and 23.0.0 through 23.0.20 does not invalidate session after a logout which could allow an authenticated user to impersonate another user on the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-01T00:54:05.019Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7230848"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Robotic Process Automation session fixation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-49825",
"datePublished": "2025-04-14T14:53:40.800Z",
"dateReserved": "2024-10-20T13:40:37.122Z",
"dateUpdated": "2025-09-01T00:54:05.019Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10223 (GCVE-0-2025-10223)
Vulnerability from cvelistv5
Published
2025-09-10 12:35
Modified
2025-09-10 13:24
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-613 - Insufficient Session Expiration
Summary
Insufficient Session Expiration (CWE-613) in the Web Admin Panel in AxxonSoft Axxon One prior to 2.0.3 on Windows allows a local or remote authenticated attacker to retain access with removed privileges via continued use of an unexpired session token until natural expiration.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10223",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-10T13:22:15.826898Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T13:24:30.194Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "AxxonOne",
"vendor": "AxxonSoft",
"versions": [
{
"lessThanOrEqual": "2.0.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Discovered internally during access control regression testing."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insufficient Session Expiration (CWE-613) in the Web Admin Panel in AxxonSoft Axxon One prior to 2.0.3 on Windows allows a local or remote authenticated attacker to retain access with removed privileges via continued use of an unexpired session token until natural expiration."
}
],
"value": "Insufficient Session Expiration (CWE-613) in the Web Admin Panel in AxxonSoft Axxon One prior to 2.0.3 on Windows allows a local or remote authenticated attacker to retain access with removed privileges via continued use of an unexpired session token until natural expiration."
}
],
"impacts": [
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593 Session Hijacking"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T12:35:32.800Z",
"orgId": "15ede60e-6fda-426e-be9c-e788f151a377",
"shortName": "AxxonSoft"
},
"references": [
{
"url": "https://www.axxonsoft.com/legal/axxonsoft-vulnerability-disclosure-policy/security-advisories"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to \u003cstrong\u003e2.0.3 or later\u003c/strong\u003e, where Web UI enforces forced logout when role changes occur.\n\n\u003cbr\u003e"
}
],
"value": "Upgrade to 2.0.3 or later, where Web UI enforces forced logout when role changes occur."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Session Cleanup on Role Removal in Web Admin Panel in AxxonSoft Axxon One",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "On earlier versions, administrators should \u003cstrong\u003emanually log out users\u003c/strong\u003e when changing access rights.\n\n\u003cbr\u003e"
}
],
"value": "On earlier versions, administrators should manually log out users when changing access rights."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "15ede60e-6fda-426e-be9c-e788f151a377",
"assignerShortName": "AxxonSoft",
"cveId": "CVE-2025-10223",
"datePublished": "2025-09-10T12:35:32.800Z",
"dateReserved": "2025-09-10T12:35:13.351Z",
"dateUpdated": "2025-09-10T13:24:30.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-25019 (GCVE-0-2025-25019)
Vulnerability from cvelistv5
Published
2025-06-03 15:14
Modified
2025-08-24 12:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-613 - Insufficient Session Expiration
Summary
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not invalidate session after a logout which could allow a user to impersonate another user on the system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/7235432 | vendor-advisory, patch |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | IBM | QRadar Suite Software |
Version: 1.10.12.0 ≤ 1.11.2.0 cpe:2.3:a:ibm:qradar_suite:1.10.12.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_suite:1.11.2.0:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-25019",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-03T15:37:41.962137Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T15:37:53.464Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:qradar_suite:1.10.12.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:qradar_suite:1.11.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "QRadar Suite Software",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "1.11.2.0",
"status": "affected",
"version": "1.10.12.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:ibm:cloud_pak_for_security:1.10.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:cloud_pak_for_security:1.10.11.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Cloud Pak for Security",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "1.10.11.0",
"status": "affected",
"version": "1.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "John Zuccato, Rodney Ryan, Chris Shepherd, Vince Dragnea, Ben Goodspeed, Dawid Bak"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not invalidate session after a logout which could allow a user to impersonate another user on the system."
}
],
"value": "IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not invalidate session after a logout which could allow a user to impersonate another user on the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-24T12:00:16.388Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7235432"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM strongly encourages customers to update their systems promptly.\u003cbr\u003e\u003cbr\u003ePlease upgrade to at least version 1.11.3.0 according to the following instructions:\u003cbr\u003e\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=installing\"\u003ehttps://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=installing\u003c/a\u003e\u003cbr\u003e\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=upgrading\"\u003ehttps://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=upgrading\u003c/a\u003e\u003cbr\u003e"
}
],
"value": "IBM strongly encourages customers to update their systems promptly.\n\nPlease upgrade to at least version 1.11.3.0 according to the following instructions:\n\n https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=installing \n\n https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=upgrading"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM QRadar Suite Software and IBM Cloud Pak for Security session fixation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-25019",
"datePublished": "2025-06-03T15:14:47.341Z",
"dateReserved": "2025-01-31T16:26:45.223Z",
"dateUpdated": "2025-08-24T12:00:16.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Implementation
Description:
- Set sessions/credentials expiration date.
No CAPEC attack patterns related to this CWE.