CVE Vulnerabilities

CVE-2025-2596

Insufficient Session Expiration

Published: Mar 26, 2025 | Modified: Mar 26, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

Session logout could be overwritten in Checkmk GmbHs Checkmk versions <2.3.0p30, <2.2.0p41, and 2.1.0p49 (EOL)

Weakness

According to WASC, “Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization.”

Potential Mitigations

References