CVE-2007-2719

Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie.

Link	Resource
http://www.acrossecurity.com/aspr/ASPR-2007-05-14-1-PUB.txt	Patch
http://secunia.com/advisories/25275	Vendor Advisory
http://www.securityfocus.com/bid/23988
http://www.securitytracker.com/id?1018062
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01049713
http://www.vupen.com/english/advisories/2007/1823
http://osvdb.org/36061
https://exchange.xforce.ibmcloud.com/vulnerabilities/34303
http://www.securityfocus.com/archive/1/468974/100/0/threaded

Configuration 1

cpe:2.3:a:hp:systems_insight_manager:4.2:*:*:*:*:*:*:* cpe:2.3:a:hp:systems_insight_manager:5.0:sp5:*:*:*:*:*:* cpe:2.3:a:hp:systems_insight_manager:5.0:sp4:*:*:*:*:*:*

---

Published : 2007-05-16 07:28

Updated : 2018-10-16 04:45

---

NVD link : CVE-2007-2719

Mitre link : CVE-2007-2719

No products.

CWE-287