I would like to know if there is any way to end a User Session when its password in the User Store is changed?
User Stores do not communicate natively with Policy Server to modify data, and as such, if a User account's password is reset in the User Store, there is no out-of-the-box functionality to connect to the Policy Server to end the User's Session.
Neither the Policy Server would not try to re-authenticate the User unless there is some kind of requirement to do so as the session has idle timed out or reached the max timeout.
Note that the Session Ticket contains the User's attributes but not its password:
Release: SOASMU99000-12.5-SOA Security Manager-Upgrade