CVE-2018-15208 (smartvista)

BPC SmartVista 2 has Session Fixation via the JSESSIONID parameter.
Source: NIST
CVE-2018-15208 (smartvista)