CWE-613
Allowed-with-ReviewInsufficient Session Expiration
Abstraction: Base · Status: Incomplete
According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."
872 vulnerabilities reference this CWE, most recent first.
GHSA-W267-M9C4-8555
Vulnerability from github – Published: 2022-03-10 17:37 – Updated: 2022-03-18 20:12Impact
User session is not logged out if the password is reset via password recovery
Patches
Fixed in 6.4.8.1, maintainers recommend updating to the current version 6.4.8.2. You can get the update to 6.4.8.2 regularly via the Auto-Updater or directly via the download overview.
https://www.shopware.com/en/download/#shopware-6
Workarounds
For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.
https://store.shopware.com/en/detail/index/sArticle/518463/number/Swag136939272659
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 6.4.8.0"
},
"package": {
"ecosystem": "Packagist",
"name": "shopware/platform"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.4.8.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 6.4.8.0"
},
"package": {
"ecosystem": "Packagist",
"name": "shopware/core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.4.8.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-24744"
],
"database_specific": {
"cwe_ids": [
"CWE-613"
],
"github_reviewed": true,
"github_reviewed_at": "2022-03-10T17:37:43Z",
"nvd_published_at": "2022-03-09T23:15:00Z",
"severity": "LOW"
},
"details": "### Impact\nUser session is not logged out if the password is reset via password recovery\n\n## Patches\nFixed in 6.4.8.1, maintainers recommend updating to the current version 6.4.8.2. You can get the update to 6.4.8.2 regularly via the Auto-Updater or directly via the download overview.\n\nhttps://www.shopware.com/en/download/#shopware-6\n\n## Workarounds\nFor older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.\n\nhttps://store.shopware.com/en/detail/index/sArticle/518463/number/Swag136939272659",
"id": "GHSA-w267-m9c4-8555",
"modified": "2022-03-18T20:12:59Z",
"published": "2022-03-10T17:37:43Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/shopware/platform/security/advisories/GHSA-w267-m9c4-8555"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24744"
},
{
"type": "WEB",
"url": "https://github.com/shopware/core/commit/324cd1b57db58481df1b1d0030ffc307e2d9fe64"
},
{
"type": "WEB",
"url": "https://github.com/shopware/platform/commit/47b4b094c13f62db860be2f431138bb45c0bd0b6"
},
{
"type": "WEB",
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-02-2022?category=security-updates"
},
{
"type": "PACKAGE",
"url": "https://github.com/shopware/platform"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Shopware user session is not logged out if the password is reset via password recovery"
}
GHSA-W2HR-3MC8-46GH
Vulnerability from github – Published: 2022-05-24 17:43 – Updated: 2024-10-23 18:26In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "salt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2015.8.13"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "salt"
},
"ranges": [
{
"events": [
{
"introduced": "2016.3.0"
},
{
"fixed": "2016.11.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "salt"
},
"ranges": [
{
"events": [
{
"introduced": "2016.11.7"
},
{
"fixed": "2016.11.10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "salt"
},
"ranges": [
{
"events": [
{
"introduced": "2017.5.0"
},
{
"fixed": "2017.7.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "salt"
},
"ranges": [
{
"events": [
{
"introduced": "2018.2.0"
},
{
"last_affected": "2018.3.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "salt"
},
"ranges": [
{
"events": [
{
"introduced": "3000"
},
{
"fixed": "3000.7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "salt"
},
"ranges": [
{
"events": [
{
"introduced": "3001"
},
{
"fixed": "3001.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "salt"
},
"ranges": [
{
"events": [
{
"introduced": "3002"
},
{
"fixed": "3002.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "salt"
},
"ranges": [
{
"events": [
{
"introduced": "2019.2.0"
},
{
"fixed": "2019.2.8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-3144"
],
"database_specific": {
"cwe_ids": [
"CWE-613"
],
"github_reviewed": true,
"github_reviewed_at": "2024-04-22T21:16:56Z",
"nvd_published_at": "2021-02-27T05:15:00Z",
"severity": "CRITICAL"
},
"details": "In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)",
"id": "GHSA-w2hr-3mc8-46gh",
"modified": "2024-10-23T18:26:56Z",
"published": "2022-05-24T17:43:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3144"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-5011"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202310-22"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202103-01"
},
{
"type": "WEB",
"url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html"
},
{
"type": "WEB",
"url": "https://github.com/saltstack/salt/releases"
},
{
"type": "WEB",
"url": "https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L26"
},
{
"type": "WEB",
"url": "https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L26"
},
{
"type": "WEB",
"url": "https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L26"
},
{
"type": "WEB",
"url": "https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/CHANGELOG.md?plain=1#L2373"
},
{
"type": "PACKAGE",
"url": "https://github.com/saltstack/salt"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-54.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "SaltStack Salt eauth tokens can be used once after expiration"
}
GHSA-W2MH-QQ9Q-453X
Vulnerability from github – Published: 2026-06-21 12:30 – Updated: 2026-06-21 12:30A vulnerability was identified in BerriAI litellm up to 1.82.2. This impacts the function get_redirect_response_from_openid of the file litellm/proxy/management_endpoints/ui_sso.py of the component SSO Authentication Flow. The manipulation leads to session expiration. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure.
{
"affected": [],
"aliases": [
"CVE-2026-12796"
],
"database_specific": {
"cwe_ids": [
"CWE-613"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-21T10:16:15Z",
"severity": "LOW"
},
"details": "A vulnerability was identified in BerriAI litellm up to 1.82.2. This impacts the function get_redirect_response_from_openid of the file litellm/proxy/management_endpoints/ui_sso.py of the component SSO Authentication Flow. The manipulation leads to session expiration. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure.",
"id": "GHSA-w2mh-qq9q-453x",
"modified": "2026-06-21T12:30:52Z",
"published": "2026-06-21T12:30:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12796"
},
{
"type": "WEB",
"url": "https://gist.github.com/YLChen-007/5fa8af12e1b183674d7ca96d852fb697"
},
{
"type": "WEB",
"url": "https://vuldb.com/cve/CVE-2026-12796"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/811287"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/372558"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/372558/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-W44M-X962-X72W
Vulnerability from github – Published: 2022-05-24 19:02 – Updated: 2022-05-24 19:02In Kibana versions before 7.12.0 and 6.8.15 a flaw in the session timeout was discovered where the xpack.security.session.idleTimeout setting is not being respected. This was caused by background polling activities unintentionally extending authenticated users sessions, preventing a user session from timing out.
{
"affected": [],
"aliases": [
"CVE-2021-22136"
],
"database_specific": {
"cwe_ids": [
"CWE-613"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-05-13T18:15:00Z",
"severity": "LOW"
},
"details": "In Kibana versions before 7.12.0 and 6.8.15 a flaw in the session timeout was discovered where the xpack.security.session.idleTimeout setting is not being respected. This was caused by background polling activities unintentionally extending authenticated users sessions, preventing a user session from timing out.",
"id": "GHSA-w44m-x962-x72w",
"modified": "2022-05-24T19:02:20Z",
"published": "2022-05-24T19:02:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22136"
},
{
"type": "WEB",
"url": "https://discuss.elastic.co/t/elastic-stack-7-12-0-and-6-8-15-security-update/268125"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-W45P-45QW-Q65M
Vulnerability from github – Published: 2024-09-28 00:30 – Updated: 2024-10-07 15:31HCL Nomad is susceptible to an insufficient session expiration vulnerability. Under certain circumstances, an unauthenticated attacker could obtain old session information.
{
"affected": [],
"aliases": [
"CVE-2024-23586"
],
"database_specific": {
"cwe_ids": [
"CWE-613"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-27T22:15:12Z",
"severity": "MODERATE"
},
"details": "HCL Nomad is susceptible to an insufficient session expiration vulnerability. \u00a0 Under certain circumstances, an unauthenticated attacker could obtain old session information.",
"id": "GHSA-w45p-45qw-q65m",
"modified": "2024-10-07T15:31:38Z",
"published": "2024-09-28T00:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23586"
},
{
"type": "WEB",
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0115264"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-W48J-GQ3H-J3J3
Vulnerability from github – Published: 2026-01-07 18:30 – Updated: 2026-01-07 18:30Insufficient Session Expiration vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP Card PowerValue UL.This issue affects WebPro SNMP Card PowerValue: through 1.1.8.K; WebPro SNMP Card PowerValue UL: through 1.1.8.K.
{
"affected": [],
"aliases": [
"CVE-2025-4677"
],
"database_specific": {
"cwe_ids": [
"CWE-613"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-07T18:15:48Z",
"severity": "HIGH"
},
"details": "Insufficient Session Expiration vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP Card PowerValue UL.This issue affects WebPro SNMP Card PowerValue: through 1.1.8.K; WebPro SNMP Card PowerValue UL: through 1.1.8.K.",
"id": "GHSA-w48j-gq3h-j3j3",
"modified": "2026-01-07T18:30:26Z",
"published": "2026-01-07T18:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4677"
},
{
"type": "WEB",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2CRT000009\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-W554-4R4H-32FV
Vulnerability from github – Published: 2022-05-24 16:45 – Updated: 2024-04-04 00:32A vulnerability in Parsec Windows 142-0 and Parsec 'Linux Ubuntu 16.04 LTS Desktop' Build 142-1 allows unauthorized users to maintain access to an account.
{
"affected": [],
"aliases": [
"CVE-2018-6634"
],
"database_specific": {
"cwe_ids": [
"CWE-613"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-05-07T20:29:00Z",
"severity": "CRITICAL"
},
"details": "A vulnerability in Parsec Windows 142-0 and Parsec \u0027Linux Ubuntu 16.04 LTS Desktop\u0027 Build 142-1 allows unauthorized users to maintain access to an account.",
"id": "GHSA-w554-4r4h-32fv",
"modified": "2024-04-04T00:32:49Z",
"published": "2022-05-24T16:45:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6634"
},
{
"type": "WEB",
"url": "https://twitter.com/VixusFoxy/status/1125697484498583553"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W5MG-8GPQ-PMWQ
Vulnerability from github – Published: 2022-05-13 01:20 – Updated: 2022-05-13 01:20XS Command-Line Interface (CLI) user sessions with the SAP HANA Extended Application Services (XS), version 1, advanced server may have an unintentional prolonged period of validity. Consequently, a platform user could access controller resources via active CLI session even after corresponding authorizations have been revoked meanwhile by an administrator user. Similarly, an attacker who managed to gain access to the platform user's session might misuse the session token even after the session has been closed.
{
"affected": [],
"aliases": [
"CVE-2018-2451"
],
"database_specific": {
"cwe_ids": [
"CWE-613"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-08-14T16:29:00Z",
"severity": "MODERATE"
},
"details": "XS Command-Line Interface (CLI) user sessions with the SAP HANA Extended Application Services (XS), version 1, advanced server may have an unintentional prolonged period of validity. Consequently, a platform user could access controller resources via active CLI session even after corresponding authorizations have been revoked meanwhile by an administrator user. Similarly, an attacker who managed to gain access to the platform user\u0027s session might misuse the session token even after the session has been closed.",
"id": "GHSA-w5mg-8gpq-pmwq",
"modified": "2022-05-13T01:20:00Z",
"published": "2022-05-13T01:20:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2451"
},
{
"type": "WEB",
"url": "https://launchpad.support.sap.com/#/notes/2590705"
},
{
"type": "WEB",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499352742"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/105091"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W6CC-5826-4FQ3
Vulnerability from github – Published: 2026-02-27 00:31 – Updated: 2026-03-05 21:30The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent connection displaces the legitimate charging station and receives backend commands intended for that station. This vulnerability may allow unauthorized users to authenticate as other users or enable a malicious actor to cause a denial-of-service condition by overwhelming the backend with valid session requests.
{
"affected": [],
"aliases": [
"CVE-2026-20895"
],
"database_specific": {
"cwe_ids": [
"CWE-613"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-27T00:16:56Z",
"severity": "HIGH"
},
"details": "The WebSocket backend uses charging station identifiers to uniquely \nassociate sessions but allows multiple endpoints to connect using the \nsame session identifier. This implementation results in predictable \nsession identifiers and enables session hijacking or shadowing, where \nthe most recent connection displaces the legitimate charging station and\n receives backend commands intended for that station. This vulnerability\n may allow unauthorized users to authenticate as other users or enable a\n malicious actor to cause a denial-of-service condition by overwhelming \nthe backend with valid session requests.",
"id": "GHSA-w6cc-5826-4fq3",
"modified": "2026-03-05T21:30:27Z",
"published": "2026-02-27T00:31:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20895"
},
{
"type": "WEB",
"url": "https://ev2go.io"
},
{
"type": "WEB",
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-057-04.json"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-057-04"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-W6WM-HQX9-7CQ8
Vulnerability from github – Published: 2026-02-24 21:31 – Updated: 2026-02-27 03:30Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior implement an authentication token (X-User-Token) with insufficient expiration. An attacker who obtains a valid token (for example via interception, log exposure, or token reuse on a shared system) can continue to authenticate to the management interface until the token is revoked, enabling unauthorized access to device functions and data.
{
"affected": [],
"aliases": [
"CVE-2026-26342"
],
"database_specific": {
"cwe_ids": [
"CWE-613"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-24T20:27:48Z",
"severity": "HIGH"
},
"details": "Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior implement an authentication token (X-User-Token) with insufficient expiration. An attacker who obtains a valid token (for example via interception, log exposure, or token reuse on a shared system) can continue to authenticate to the management interface until the token is revoked, enabling unauthorized access to device functions and data.",
"id": "GHSA-w6wm-hqx9-7cq8",
"modified": "2026-02-27T03:30:26Z",
"published": "2026-02-24T21:31:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26342"
},
{
"type": "WEB",
"url": "https://www.tattile.com"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/tattile-smart-vega-basic-insufficient-session-token-expiration"
},
{
"type": "WEB",
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5976.php"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation
Set sessions/credentials expiration date.
No CAPEC attack patterns related to this CWE.