CCI-001185
Invalidate session identifiers upon user logout or other session termination.
The CA API Gateway must invalidate session identifiers upon user logout or other session termination.
1 rule found Severity: Medium
The DataPower Gateway must invalidate session identifiers upon user logout or other session termination.
1 rule found Severity: Medium
Oracle WebLogic must terminate user sessions upon user logout or any other organization- or policy-defined session termination events such as idle time limit exceeded.
1 rule found Severity: Medium
1 rule found Severity: Medium
The DBMS must terminate user sessions upon user logout or any other organization or policy-defined session termination events, such as idle time limit exceeded.
1 rule found Severity: Medium
3 rules found Severity: Medium
The EDB Postgres Advanced Server must invalidate session identifiers upon user logout or other session termination.
1 rule found Severity: Medium
The network device must invalidate session identifiers upon administrator logout or other session termination.
1 rule found Severity: Medium
The web server must invalidate session identifiers upon hosted application user logout or other session termination.
1 rule found Severity: Medium
The Apache web server must invalidate session identifiers upon hosted application user logout or other session termination.
3 rules found Severity: Medium
1 rule found Severity: Medium
The application server must invalidate session identifiers upon user logout or other session termination.
1 rule found Severity: Medium
1 rule found Severity: High
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: High
The DBMS must terminate user sessions upon user logoff or any other organization or policy-defined session termination events, such as idle time limit exceeded.
1 rule found Severity: Medium
1 rule found Severity: Medium