Jetty Uses Predictable Session Identifiers

🗓️ 01 May 2022 07:43:29Reported by GitHub Advisory DatabaseType

Jetty Vulnerability in Session Identifier Generatio

Reporter	Title	Published	Views	Family All 8
Tenable Nessus	Jetty Non-random Session ID Vulnerability	6 Feb 200700:00	–	nessus
CVE	CVE-2006-6969	7 Feb 200711:00	–	cve
Cvelist	CVE-2006-6969	7 Feb 200711:00	–	cvelist
EUVD	EUVD-2022-4355	3 Oct 202520:07	–	euvd
NVD	CVE-2006-6969	7 Feb 200711:28	–	nvd
OSV	GHSA-JG2X-R643-W2CH Jetty Uses Predictable Session Identifiers	1 May 202207:43	–	osv
securityvulns	Jetty web server weak pseudo-random number generator	5 Feb 200700:00	–	securityvulns
SUSE CVE	SUSE CVE-2006-6969	20 Apr 202302:27	–	susecve

Vulners

Node

org.eclipse.jetty jetty-serverRange6.1.0pre1–6.1.0pre3maven

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2006-6969
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/32240
github	www.github.com/jetty-project/codehaus-jetty6/commit/36f81d2e7058b012f6718bc2f1e2786694a8a4a1
github	www.github.com/jetty-project/codehaus-jetty6/commit/b31f606bf8058a38ab6253aa8dc2dfe6a7f83c78
web	www.web.archive.org/web/20070208112816/http://fisheye.codehaus.org/changelog/jetty/
web	www.web.archive.org/web/20070602184857/http://archives.neohapsis.com/archives/bugtraq/2007-02/0070.html
web	www.web.archive.org/web/20121019131825/http://www.securityfocus.com/archive/1/459164/100/0/threaded
web	www.web.archive.org/web/20200228100052/http://www.securityfocus.com/bid/22405
github	www.github.com/advisories/GHSA-jg2x-r643-w2ch

12 Feb 2024 16:20Current

7.4High risk

Vulners AI Score7.4

CVSS 26.8

EPSS0.00693