CWE-613 - Insufficient Session Expiration

Abstraction:Base
Structure:Simple
Status:Incomplete

Release Date:2007-05-07
Latest Modification Date:2023-06-29

Weakness Name

Insufficient Session Expiration

Description

According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."

Common Consequences

Scope: Access Control

Impact: Bypass Protection Mechanism

CWE-613 - Insufficient Session Expiration

Weakness Name

Description

Common Consequences

Related Weaknesses

Top Security News

Top CVE List

Common Alerts

Top CWE List