The Web Database Manager in web-tools for SAP DB prior to 7.4.03.30 generates predictable session IDs, which allows remote malicious users to conduct unauthorized activities.
sap sap db