Hewlett Packard · Hp Systems Insight Manager · CVE-2007-2719
**Name of the Vulnerable Software and Affected Versions**
HP Systems Insight Manager (SIM) versions 4.2 and 5.0 SP4 and SP5
**Description**
A session fixation issue allows remote attackers to hijack web sessions by setting the `JSESSIONID` cookie.
**Recommendations**
For HP Systems Insight Manager (SIM) version 4.2, update to a version that fixes this issue.
For HP Systems Insight Manager (SIM) version 5.0 SP4, update to a version that fixes this issue.
For HP Systems Insight Manager (SIM) version 5.0 SP5, update to a version that fixes this issue.