Vulnerabilities > Jetty > Jetty Http Server > 5.1.11
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-02-07 | CVE-2006-6969 | Unspecified vulnerability in Jetty Http Server Jetty before 4.2.27, 5.1 before 5.1.12, 6.0 before 6.0.2, and 6.1 before 6.1.0pre3 generates predictable session identifiers using java.util.random, which makes it easier for remote attackers to guess a session identifier through brute force attacks, bypass authentication requirements, and possibly conduct cross-site request forgery attacks. network jetty | 6.8 |