CVE-2007-2719
 
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie.
Vulnerabilidad de fijación de sesión en HP Systems Insight Manager (SIM) 4.2 y 5.0 SP4 y SP5 permite a atacantes remotos secuestrar sesiones web al establecer la cookie JSESSIONID.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-05-16 CVE Reserved
- 2007-05-16 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-19 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (9)
URL | Tag | Source |
---|---|---|
http://osvdb.org/36061 | Vdb Entry | |
http://www.securityfocus.com/archive/1/468974/100/0/threaded | Mailing List | |
http://www.securityfocus.com/bid/23988 | Vdb Entry | |
http://www.securitytracker.com/id?1018062 | Vdb Entry | |
http://www.vupen.com/english/advisories/2007/1823 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/34303 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.acrossecurity.com/aspr/ASPR-2007-05-14-1-PUB.txt | 2018-10-16 |
URL | Date | SRC |
---|---|---|
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01049713 | 2018-10-16 | |
http://secunia.com/advisories/25275 | 2018-10-16 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Hp Search vendor "Hp" | Systems Insight Manager Search vendor "Hp" for product "Systems Insight Manager" | 4.2 Search vendor "Hp" for product "Systems Insight Manager" and version "4.2" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Systems Insight Manager Search vendor "Hp" for product "Systems Insight Manager" | 5.0 Search vendor "Hp" for product "Systems Insight Manager" and version "5.0" | sp4 |
Affected
| ||||||
Hp Search vendor "Hp" | Systems Insight Manager Search vendor "Hp" for product "Systems Insight Manager" | 5.0 Search vendor "Hp" for product "Systems Insight Manager" and version "5.0" | sp5 |
Affected
|