HP Systems Insight Manager JSessionID Session Fixation Vulnerability
|
Bugtraq ID:
|
23988
|
|
Class:
|
Design Error
|
|
CVE:
|
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
May 15 2007 12:00AM
|
|
Updated:
|
May 18 2007 06:48PM
|
|
Credit:
|
Luka Treiber and Aljosa Ocepek of ACROS Security is credited with the discovery of this vulnerability.
|
|
Vulnerable:
|
HP Systems Insight Manager 5.0 SP6
HP Systems Insight Manager 5.0 SP5
HP Systems Insight Manager 4.2
|
|
|
|
Not Vulnerable:
|
HP Systems Insight Manager 5.1 SP1
|
|
