CyberSec.Space Logo
Back to CVE Browser

CVE-2007-2719

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0880%
EPSS Percentile7.97th
PublishedMay 16, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie.

Affected Platforms (CPE)

πŸ“¦
Hp

Systems Insight Manager

= 4.2
πŸ“¦
Hp

Systems Insight Manager

= 5.0
πŸ“¦
Hp

Systems Insight Manager

= 5.0

References & Advisories

πŸ”— http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01049713
πŸ”— http://osvdb.org/36061
πŸ”— http://secunia.com/advisories/25275
πŸ”— http://www.acrossecurity.com/aspr/ASPR-2007-05-14-1-PUB.txt
πŸ”— http://www.securityfocus.com/archive/1/468974/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/23988
πŸ”— http://www.securitytracker.com/id?1018062
πŸ”— http://www.vupen.com/english/advisories/2007/1823

Related Vulnerabilities

CVE-2016-43669.8

HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers to obtain sensitive information, modify data, or cause a de...

CVE-2020-72009.8

A potential security vulnerability has been identified in HPE Systems Insight Manager (SIM) version 7.6. The vulnerability could b...

CVE-2016-20189.1

HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecif...

CVE-2012-19998.5

Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote authenticated users to obtain sensitive inf...