Description
The Java SockJS client in Pivotal Spring Framework 4.1.x before 4.1.5 generates predictable session ids, which allows remote attackers to send messages to other sessions via unspecified vectors.
Remediation
References
https://pivotal.io/security/cve-2015-0201