CWE-613
Insufficient Session Expiration
According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."
CVE-2025-46336 (GCVE-0-2025-46336)
Vulnerability from cvelistv5 – Published: 2025-05-08 19:26 – Updated: 2025-05-08 20:18
VLAI
Title
Rack session gets restored after deletion
Summary
Rack::Session is a session management implementation for Rack. In versions starting from 2.0.0 to before 2.1.1, when using the Rack::Session::Pool middleware, and provided the attacker can acquire a session cookie (already a major issue), the session may be restored if the attacker can trigger a long running request (within that same session) adjacent to the user logging out, in order to retain illicit access even after a user has attempted to logout. This issue has been patched in version 2.1.1.
Severity
4.2 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/rack/rack-session/security/adv… | x_refsource_CONFIRM |
| https://github.com/rack/rack/security/advisories/… | x_refsource_MISC |
| https://github.com/rack/rack-session/commit/c28c4… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| rack | rack-session |
Affected:
>= 2.0.0, < 2.1.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46336",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T20:18:09.543353Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T20:18:38.555Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "rack-session",
"vendor": "rack",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rack::Session is a session management implementation for Rack. In versions starting from 2.0.0 to before 2.1.1, when using the Rack::Session::Pool middleware, and provided the attacker can acquire a session cookie (already a major issue), the session may be restored if the attacker can trigger a long running request (within that same session) adjacent to the user logging out, in order to retain illicit access even after a user has attempted to logout. This issue has been patched in version 2.1.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613: Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T19:26:01.638Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/rack/rack-session/security/advisories/GHSA-9j94-67jr-4cqj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rack/rack-session/security/advisories/GHSA-9j94-67jr-4cqj"
},
{
"name": "https://github.com/rack/rack/security/advisories/GHSA-vpfw-47h7-xj4g",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rack/rack/security/advisories/GHSA-vpfw-47h7-xj4g"
},
{
"name": "https://github.com/rack/rack-session/commit/c28c4a8c1861d814e09f2ae48264ac4c40be2d3b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rack/rack-session/commit/c28c4a8c1861d814e09f2ae48264ac4c40be2d3b"
}
],
"source": {
"advisory": "GHSA-9j94-67jr-4cqj",
"discovery": "UNKNOWN"
},
"title": "Rack session gets restored after deletion"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-46336",
"datePublished": "2025-05-08T19:26:01.638Z",
"dateReserved": "2025-04-22T22:41:54.911Z",
"dateUpdated": "2025-05-08T20:18:38.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-46344 (GCVE-0-2025-46344)
Vulnerability from cvelistv5 – Published: 2025-04-29 20:43 – Updated: 2025-04-30 13:17
VLAI
Title
Auth0 NextJS SDK v4 Missing Session Invalidation
Summary
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions starting from 4.0.1 and prior to 4.5.1, do not invoke `.setExpirationTime` when generating a JWE token for the session. As a result, the JWE does not contain an internal expiration claim. While the session cookie may expire or be cleared, the JWE remains valid. This issue has been patched in version 4.5.1.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-613 - Insufficient Session Expiration
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/auth0/nextjs-auth0/security/ad… | x_refsource_CONFIRM |
| https://github.com/auth0/nextjs-auth0/commit/a4f0… | x_refsource_MISC |
| https://github.com/auth0/nextjs-auth0/releases/ta… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| auth0 | nextjs-auth0 |
Affected:
>= 4.0.1, < 4.5.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46344",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-30T13:17:34.099127Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T13:17:43.169Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "nextjs-auth0",
"vendor": "auth0",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0.1, \u003c 4.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions starting from 4.0.1 and prior to 4.5.1, do not invoke `.setExpirationTime` when generating a JWE token for the session. As a result, the JWE does not contain an internal expiration claim. While the session cookie may expire or be cleared, the JWE remains valid. This issue has been patched in version 4.5.1."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613: Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-29T20:43:41.538Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/auth0/nextjs-auth0/security/advisories/GHSA-pjr6-jx7r-j4r6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/auth0/nextjs-auth0/security/advisories/GHSA-pjr6-jx7r-j4r6"
},
{
"name": "https://github.com/auth0/nextjs-auth0/commit/a4f061aed02ffa132feca8adfbd11704df17e1c3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/auth0/nextjs-auth0/commit/a4f061aed02ffa132feca8adfbd11704df17e1c3"
},
{
"name": "https://github.com/auth0/nextjs-auth0/releases/tag/v4.5.1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/auth0/nextjs-auth0/releases/tag/v4.5.1"
}
],
"source": {
"advisory": "GHSA-pjr6-jx7r-j4r6",
"discovery": "UNKNOWN"
},
"title": "Auth0 NextJS SDK v4 Missing Session Invalidation"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-46344",
"datePublished": "2025-04-29T20:43:41.538Z",
"dateReserved": "2025-04-22T22:41:54.912Z",
"dateUpdated": "2025-04-30T13:17:43.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-4643 (GCVE-0-2025-4643)
Vulnerability from cvelistv5 – Published: 2025-08-29 10:01 – Updated: 2025-08-29 11:54 X_Open Source
VLAI
Title
Lack of JWT Expiration after Log Out in PayloadCMS
Summary
Payload uses JSON Web Tokens (JWT) for authentication. After log out JWT is not invalidated, which allows an attacker who has stolen or intercepted token to freely reuse it until expiration date (which is by default set to 2 hours, but can be changed).
This issue has been fixed in version 3.44.0 of Payload.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-613 - Insufficient Session Expiration
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2025/08/CVE-2025-4643 | third-party-advisory |
| https://payloadcms.com | product |
| https://github.com/payloadcms/payload | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Payload CMS | Payload |
Affected:
0 , < 3.44.0
(semver)
|
Date Public
2025-08-29 10:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4643",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-29T11:54:20.949942Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T11:54:27.895Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Payload",
"vendor": "Payload CMS",
"versions": [
{
"lessThan": "3.44.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arkadiusz Marta"
}
],
"datePublic": "2025-08-29T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Payload uses JSON Web Tokens (JWT) for authentication. After log out JWT is not invalidated, which allows an attacker who has stolen or intercepted token to freely reuse it until expiration date (which is by default set to 2 hours, but can be changed). \u003cbr\u003e\u003cbr\u003eThis issue has been fixed in version 3.44.0 of Payload.\u003cbr\u003e"
}
],
"value": "Payload uses JSON Web Tokens (JWT) for authentication. After log out JWT is not invalidated, which allows an attacker who has stolen or intercepted token to freely reuse it until expiration date (which is by default set to 2 hours, but can be changed). \n\nThis issue has been fixed in version 3.44.0 of Payload."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T10:01:09.128Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2025/08/CVE-2025-4643"
},
{
"tags": [
"product"
],
"url": "https://payloadcms.com"
},
{
"tags": [
"product"
],
"url": "https://github.com/payloadcms/payload"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"x_open-source"
],
"title": "Lack of JWT Expiration after Log Out in PayloadCMS",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2025-4643",
"datePublished": "2025-08-29T10:01:09.128Z",
"dateReserved": "2025-05-13T07:10:07.627Z",
"dateUpdated": "2025-08-29T11:54:27.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-46741 (GCVE-0-2025-46741)
Vulnerability from cvelistv5 – Published: 2025-05-12 16:09 – Updated: 2025-10-01 21:46
VLAI
Title
Improper Privilege Management
Summary
A suspended or recently logged-out user could continue to interact with Blueframe until the time-out period occurred.
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-613 - Insufficient Session Expiration
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Schweitzer Engineering Laboratories | SEL Blueframe OS |
Affected:
0 , < 1.12.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46741",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-12T17:55:05.959937Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-12T17:55:24.025Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SEL Blueframe OS",
"vendor": "Schweitzer Engineering Laboratories",
"versions": [
{
"lessThan": "1.12.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A suspended or recently logged-out user could continue to interact with Blueframe until the time-out period occurred."
}
],
"value": "A suspended or recently logged-out user could continue to interact with Blueframe until the time-out period occurred."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T21:46:34.900Z",
"orgId": "5804bb70-792c-43e0-8596-486cc0efe699",
"shortName": "SEL"
},
"references": [
{
"url": "https://selinc.com/products/software/latest-software-versions/"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Improper Privilege Management",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "5804bb70-792c-43e0-8596-486cc0efe699",
"assignerShortName": "SEL",
"cveId": "CVE-2025-46741",
"datePublished": "2025-05-12T16:09:53.581Z",
"dateReserved": "2025-04-28T21:27:38.847Z",
"dateUpdated": "2025-10-01T21:46:34.900Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-4677 (GCVE-0-2025-4677)
Vulnerability from cvelistv5 – Published: 2026-01-07 17:09 – Updated: 2026-01-07 18:19
VLAI
Title
Idle session timeout is not configured for multiple open ports
Summary
Insufficient Session Expiration vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP Card PowerValue UL.This issue affects WebPro SNMP Card PowerValue: through 1.1.8.K; WebPro SNMP Card PowerValue UL: through 1.1.8.K.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-613 - Insufficient Session Expiration
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ABB | WebPro SNMP Card PowerValue |
Affected:
0 , ≤ 1.1.8.k
(custom)
|
|
| ABB | WebPro SNMP Card PowerValue UL |
Affected:
0 , ≤ 1.1.8.k
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4677",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-07T18:17:02.695141Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T18:19:30.647Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WebPro SNMP Card PowerValue",
"vendor": "ABB",
"versions": [
{
"lessThanOrEqual": "1.1.8.k",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WebPro SNMP Card PowerValue UL",
"vendor": "ABB",
"versions": [
{
"lessThanOrEqual": "1.1.8.k",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insufficient Session Expiration vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP Card PowerValue UL.\u003cp\u003eThis issue affects WebPro SNMP Card PowerValue: through 1.1.8.K; WebPro SNMP Card PowerValue UL: through 1.1.8.K.\u003c/p\u003e"
}
],
"value": "Insufficient Session Expiration vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP Card PowerValue UL.This issue affects WebPro SNMP Card PowerValue: through 1.1.8.K; WebPro SNMP Card PowerValue UL: through 1.1.8.K."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T17:09:05.370Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2CRT000009\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Idle session timeout is not configured for multiple open ports",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2025-4677",
"datePublished": "2026-01-07T17:09:05.370Z",
"dateReserved": "2025-05-14T06:02:15.939Z",
"dateUpdated": "2026-01-07T18:19:30.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-46815 (GCVE-0-2025-46815)
Vulnerability from cvelistv5 – Published: 2025-05-06 17:13 – Updated: 2025-05-06 18:21
VLAI
Title
ZITADEL Allows IdP Intent Token Reuse
Summary
The identity infrastructure software ZITADEL offers developers the ability to manage user sessions using the Session API. This API enables the use of IdPs for authentication, known as idp intents. Following a successful idp intent, the client receives an id and token on a predefined URI. These id and token can then be used to authenticate the user or their session. However, prior to versions 3.0.0, 2.71.9, and 2.70.10, it was possible to exploit this feature by repeatedly using intents. This allowed an attacker with access to the application’s URI to retrieve the id and token, enabling them to authenticate on behalf of the user. It's important to note that the use of additional factors (MFA) prevents a complete authentication process and, consequently, access to the ZITADEL API. Versions 3.0.0, 2.71.9, and 2.70.10 contain a fix for the issue. No known workarounds other than upgrading are available.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/zitadel/zitadel/security/advis… | x_refsource_CONFIRM |
| https://github.com/zitadel/zitadel/commit/b1e60e7… | x_refsource_MISC |
| https://github.com/zitadel/zitadel/releases/tag/v… | x_refsource_MISC |
| https://github.com/zitadel/zitadel/releases/tag/v2.71.9 | x_refsource_MISC |
| https://github.com/zitadel/zitadel/releases/tag/v3.0.0 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46815",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-06T18:20:59.907100Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-06T18:21:14.384Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "zitadel",
"vendor": "zitadel",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.0.0-rc.1, \u003c 3.0.0"
},
{
"status": "affected",
"version": "\u003c 2.70.10"
},
{
"status": "affected",
"version": "\u003e= 2.71.0, \u003c 2.71.9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The identity infrastructure software ZITADEL offers developers the ability to manage user sessions using the Session API. This API enables the use of IdPs for authentication, known as idp intents. Following a successful idp intent, the client receives an id and token on a predefined URI. These id and token can then be used to authenticate the user or their session. However, prior to versions 3.0.0, 2.71.9, and 2.70.10, it was possible to exploit this feature by repeatedly using intents. This allowed an attacker with access to the application\u2019s URI to retrieve the id and token, enabling them to authenticate on behalf of the user. It\u0027s important to note that the use of additional factors (MFA) prevents a complete authentication process and, consequently, access to the ZITADEL API. Versions 3.0.0, 2.71.9, and 2.70.10 contain a fix for the issue. No known workarounds other than upgrading are available."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613: Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-294",
"description": "CWE-294: Authentication Bypass by Capture-replay",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384: Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-06T17:13:53.878Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/zitadel/zitadel/security/advisories/GHSA-g4r8-mp7g-85fq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-g4r8-mp7g-85fq"
},
{
"name": "https://github.com/zitadel/zitadel/commit/b1e60e7398d677f08b06fd7715227f70b7ca1162",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zitadel/zitadel/commit/b1e60e7398d677f08b06fd7715227f70b7ca1162"
},
{
"name": "https://github.com/zitadel/zitadel/releases/tag/v2.70.10",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.70.10"
},
{
"name": "https://github.com/zitadel/zitadel/releases/tag/v2.71.9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.71.9"
},
{
"name": "https://github.com/zitadel/zitadel/releases/tag/v3.0.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zitadel/zitadel/releases/tag/v3.0.0"
}
],
"source": {
"advisory": "GHSA-g4r8-mp7g-85fq",
"discovery": "UNKNOWN"
},
"title": "ZITADEL Allows IdP Intent Token Reuse"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-46815",
"datePublished": "2025-05-06T17:13:53.878Z",
"dateReserved": "2025-04-30T19:41:58.133Z",
"dateUpdated": "2025-05-06T18:21:14.384Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-4754 (GCVE-0-2025-4754)
Vulnerability from cvelistv5 – Published: 2025-06-17 14:31 – Updated: 2026-05-27 15:40
VLAI
Title
Missing Session Revocation on Logout in ash_authentication_phoenix
Summary
Insufficient Session Expiration vulnerability in ash-project ash_authentication_phoenix allows Session Hijacking. This vulnerability is associated with program files lib/ash_authentication_phoenix/controller.ex.
This issue affects ash_authentication_phoenix until 2.10.0.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-613 - Insufficient Session Expiration
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/team-alembic/ash_authenticatio… | vendor-advisoryrelated |
| https://cna.erlef.org/cves/CVE-2025-4754.html | related |
| https://osv.dev/vulnerability/EEF-CVE-2025-4754 | related |
| https://github.com/team-alembic/ash_authenticatio… | patch |
| https://github.com/team-alembic/ash_authenticatio… | patch |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ash-project | ash_authentication_phoenix |
Affected:
0 , < 2.10.0
(semver)
cpe:2.3:a:team-alembic:ash_authentication_phoenix:*:*:*:*:*:*:*:* |
|
| ash-project | ash_authentication_phoenix |
Affected:
0 , < a3253fb4fc7145aeb403537af1c24d3a8d51ffb1
(git)
cpe:2.3:a:team-alembic:ash_authentication_phoenix:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4754",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-17T14:40:37.216297Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T14:41:09.297Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.hex.pm",
"cpes": [
"cpe:2.3:a:team-alembic:ash_authentication_phoenix:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"packageName": "ash_authentication_phoenix",
"packageURL": "pkg:hex/ash_authentication_phoenix",
"product": "ash_authentication_phoenix",
"programFiles": [
"lib/ash_authentication_phoenix/controller.ex"
],
"repo": "https://github.com/team-alembic/ash_authentication_phoenix",
"vendor": "ash-project",
"versions": [
{
"lessThan": "2.10.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://github.com",
"cpes": [
"cpe:2.3:a:team-alembic:ash_authentication_phoenix:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"packageName": "team-alembic/ash_authentication_phoenix",
"packageURL": "pkg:github/team-alembic/ash_authentication_phoenix",
"product": "ash_authentication_phoenix",
"programFiles": [
"lib/ash_authentication_phoenix/controller.ex"
],
"repo": "https://github.com/team-alembic/ash_authentication_phoenix",
"vendor": "ash-project",
"versions": [
{
"lessThan": "a3253fb4fc7145aeb403537af1c24d3a8d51ffb1",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:team-alembic:ash_authentication_phoenix:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
],
"operator": "AND"
}
],
"credits": [
{
"lang": "en",
"type": "remediation reviewer",
"value": "James Harton"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Zach Daniel"
},
{
"lang": "en",
"type": "analyst",
"value": "Mike Buhot"
},
{
"lang": "en",
"type": "analyst",
"value": "Jonatan M\u00e4nnchen / EEF"
},
{
"lang": "en",
"type": "analyst",
"value": "Josh Price"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insufficient Session Expiration vulnerability in ash-project ash_authentication_phoenix allows Session Hijacking.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003elib/ash_authentication_phoenix/controller.ex\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects ash_authentication_phoenix until 2.10.0.\u003c/p\u003e"
}
],
"value": "Insufficient Session Expiration vulnerability in ash-project ash_authentication_phoenix allows Session Hijacking. This vulnerability is associated with program files lib/ash_authentication_phoenix/controller.ex.\n\nThis issue affects ash_authentication_phoenix until 2.10.0."
}
],
"impacts": [
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593 Session Hijacking"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 2.3,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:40:14.352Z",
"orgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
"shortName": "EEF"
},
"references": [
{
"tags": [
"vendor-advisory",
"related"
],
"url": "https://github.com/team-alembic/ash_authentication_phoenix/security/advisories/GHSA-f7gq-h8jv-h3cq"
},
{
"tags": [
"related"
],
"url": "https://cna.erlef.org/cves/CVE-2025-4754.html"
},
{
"tags": [
"related"
],
"url": "https://osv.dev/vulnerability/EEF-CVE-2025-4754"
},
{
"tags": [
"patch"
],
"url": "https://github.com/team-alembic/ash_authentication_phoenix/pull/634"
},
{
"tags": [
"patch"
],
"url": "https://github.com/team-alembic/ash_authentication_phoenix/commit/a3253fb4fc7145aeb403537af1c24d3a8d51ffb1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing Session Revocation on Logout in ash_authentication_phoenix",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
"assignerShortName": "EEF",
"cveId": "CVE-2025-4754",
"datePublished": "2025-06-17T14:31:37.006Z",
"dateReserved": "2025-05-15T09:03:11.355Z",
"dateUpdated": "2026-05-27T15:40:14.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-48061 (GCVE-0-2025-48061)
Vulnerability from cvelistv5 – Published: 2025-05-22 17:04 – Updated: 2025-05-22 17:32
VLAI
Title
wire-webapp Has Insufficient Session Invalidation after User Logout
Summary
wire-webapp is the web application for the open-source messaging service Wire. A change caused a regression resulting in sessions not being properly invalidated. A user that logged out of the Wire webapp, could have been automatically logged in again after re-opening the application. This does not happen when the user is logged in as a temporary user by selecting "This is a public computer" during login or the user selects "Delete all your personal information and conversations on this device" upon logout. The underlying issue has been fixed with wire-webapp version 2025-05-20-production.0. As a workaround, this behavior can be prevented by either deleting all information upon logout as well as logging in as a temporary client.
Severity
5.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-613 - Insufficient Session Expiration
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/wireapp/wire-webapp/security/a… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| wireapp | wire-webapp |
Affected:
< 2025-05-20-production.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48061",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-22T17:23:08.632285Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T17:32:16.333Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "wire-webapp",
"vendor": "wireapp",
"versions": [
{
"status": "affected",
"version": "\u003c 2025-05-20-production.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "wire-webapp is the web application for the open-source messaging service Wire. A change caused a regression resulting in sessions not being properly invalidated. A user that logged out of the Wire webapp, could have been automatically logged in again after re-opening the application. This does not happen when the user is logged in as a temporary user by selecting \"This is a public computer\" during login or the user selects \"Delete all your personal information and conversations on this device\" upon logout. The underlying issue has been fixed with wire-webapp version 2025-05-20-production.0. As a workaround, this behavior can be prevented by either deleting all information upon logout as well as logging in as a temporary client."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613: Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T17:19:44.339Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/wireapp/wire-webapp/security/advisories/GHSA-7r6m-qjwm-w44q",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wireapp/wire-webapp/security/advisories/GHSA-7r6m-qjwm-w44q"
}
],
"source": {
"advisory": "GHSA-7r6m-qjwm-w44q",
"discovery": "UNKNOWN"
},
"title": "wire-webapp Has Insufficient Session Invalidation after User Logout"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-48061",
"datePublished": "2025-05-22T17:04:42.918Z",
"dateReserved": "2025-05-15T16:06:40.941Z",
"dateUpdated": "2025-05-22T17:32:16.333Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-49152 (GCVE-0-2025-49152)
Vulnerability from cvelistv5 – Published: 2025-06-25 16:34 – Updated: 2025-07-17 13:44
VLAI
Title
Insufficient Session Expiration in MICROSENS NMP Web+
Summary
The affected products contain JSON Web Tokens (JWT) that do not expire, which could allow an attacker to gain access to the system.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-613 - Insufficient Session Expiration
Assigner
References
1 reference
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-49152",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-25T20:22:15.738886Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-25T20:24:21.907Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NMP Web+",
"vendor": "Microsens",
"versions": [
{
"lessThanOrEqual": "Version 3.2.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tomer Goldschmidt and Noam Moshe of Claroty Team82"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe affected products contain JSON Web Tokens (JWT) that do not expire, which could allow an attacker to gain access to the system.\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "The affected products contain JSON Web Tokens (JWT) that do not expire, which could allow an attacker to gain access to the system."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T13:44:34.959Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-175-07"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMICROSENS recommends users to update to \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.microsens.com/support/downloads/nmp/\"\u003eNMP Web+ Version 3.3.0 for Windows and Linux\u003c/a\u003e\n\n\u003cbr\u003e"
}
],
"value": "MICROSENS recommends users to update to NMP Web+ Version 3.3.0 for Windows and Linux https://www.microsens.com/support/downloads/nmp/"
}
],
"source": {
"advisory": "ICSA-25-175-07",
"discovery": "UNKNOWN"
},
"title": "Insufficient Session Expiration in MICROSENS NMP Web+",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2025-49152",
"datePublished": "2025-06-25T16:34:00.772Z",
"dateReserved": "2025-06-02T17:06:38.139Z",
"dateUpdated": "2025-07-17T13:44:34.959Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-52661 (GCVE-0-2025-52661)
Vulnerability from cvelistv5 – Published: 2026-01-19 18:04 – Updated: 2026-01-20 20:06
VLAI
Summary
HCL AION version 2 is affected by a JWT Token Expiry Too Long vulnerability. This may increase the risk of token misuse, potentially resulting in unauthorized access if the token is compromised.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-613 - Insufficient Session Expiration
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HCL Software | AION |
Affected:
2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-52661",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-20T19:37:18.509678Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T20:06:15.964Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AION",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eHCL AION version 2 is affected by a JWT Token Expiry Too Long vulnerability. This may increase the risk of token misuse, potentially resulting in unauthorized access if the token is compromised.\u003c/span\u003e"
}
],
"value": "HCL AION version 2 is affected by a JWT Token Expiry Too Long vulnerability. This may increase the risk of token misuse, potentially resulting in unauthorized access if the token is compromised."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-19T18:04:31.472Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcl-software.com/kb_view.do?sys_kb_id=4b92474633de7ad4159a05273e5c7b4b\u0026searchTerm=kb0127995#"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2025-52661",
"datePublished": "2026-01-19T18:04:31.472Z",
"dateReserved": "2025-06-18T14:03:06.891Z",
"dateUpdated": "2026-01-20T20:06:15.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Implementation
Description:
- Set sessions/credentials expiration date.
No CAPEC attack patterns related to this CWE.