Unrated severityNVD Advisory· Published May 16, 2007· Updated Apr 23, 2026

CVE-2007-2719

Description

Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie.

Affected products

HP/Systems Insight Manager3 versions
cpe:2.3:a:hp:systems_insight_manager:4.2:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:hp:systems_insight_manager:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:hp:systems_insight_manager:5.0:sp4:*:*:*:*:*:*
- cpe:2.3:a:hp:systems_insight_manager:5.0:sp5:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.acrossecurity.com/aspr/ASPR-2007-05-14-1-PUB.txtnvdPatch
secunia.com/advisories/25275nvdVendor Advisory
h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvd
osvdb.org/36061nvd
www.securityfocus.com/archive/1/468974/100/0/threadednvd
www.securityfocus.com/bid/23988nvd
www.securitytracker.com/idnvd
www.vupen.com/english/advisories/2007/1823nvd
exchange.xforce.ibmcloud.com/vulnerabilities/34303nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.006
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000