Description

After a password change the session remains open.

Impact

Keep the control of an account whose session has been compromised.

Recommendation

The open session must be closed after a password change process.

Threat

Unauthorized user from the Internet with access to a users session.

Expected Remediation Time

⏱️ 60 minutes.

Requirements

Fixes