Cockpit is an interactive server administration interface.An access control error vulnerability exists in versions of Cockpit prior to 2.2.0, which stems from insufficient session expiration. An attacker could exploit this vulnerability to take control of an account using expired session credentials.