Session logout could be overwritten in Checkmk GmbHs Checkmk versions <2.3.0p30, <2.2.0p41, and 2.1.0p49 (EOL)
According to WASC, “Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization.”