CWE-613
Insufficient Session Expiration
According to WASC, 'Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization.'
Status
incomplete
Abstraction
base
Affected Platforms
Web Based
Web Server
Technical Details
Common Consequences
access control
Impacts
bypass protection mechanism
Detection Methods
automated static analysis
Potential Mitigations
Phases:
implementation
Descriptions:
• Set an expiration date for sessions and credentials.