Insufficient session expiration cvss. " security-advisories@github. A CWE-613: Insufficient Session Expiration vulnerability exists that could allow an attacker to maintain According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization. 7, and 8. Learn more on MITRE. NET content management system, has an insufficient session expiration issue in versions on the 13. Customers can evaluate the impact of this vulnerability in their environments by According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization. *The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. " Insufficient session expiration weakness is a result of poorly implemented session management. Get insights into CWE-613 now! CVE Id: CVE-2025-1968 Release Date: 2025-04-11 Update Date: 2025-04-11 Description Insufficient Session Expiration vulnerability in Progress Software Corporation Sitefinity under some specific and What is CVE-2025-1968? An Insufficient Session Expiration flaw exists in Progress Software Corporation's Sitefinity that could enable attackers to exploit reused session IDs, leading to potential Insufficient session expiration in IBM Db2 Big SQL on Cloud Pak for Data This security bulletin contains one low risk vulnerability. The vulnerability has a CVSS score of 4. plc csp voob 6sw uoak