CWE-6 - CERT CVE

The J2EE application is configured to use an insufficient session ID length.

CAPEC ID	Naziv
CAPEC-21	Exploitation of Trusted Identifiers
CAPEC-59	Session Credential Falsification through Prediction