A vulnerabillity scan of the ICDx web GUI reports a session fixation vulnerability.
Session fixation allows an attacker to impersonate a user by abusing an authenticated session ID (SID). This attack can occur when a web application:
This is a false positive.
Release : 1.4
Component : ICDx
This is a false positive likely resulting from the structure of the session ID generated by the ICDx web GUI. All logins generate a unique token and alternate session tokens supplied by the client will not be accepted.