CVE-2005-2186
Summary
| CVE | CVE-2005-2186 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2005-07-11 04:00:00 UTC |
| Updated | 2025-04-03 01:03:51 UTC |
| Description | Multiple cross-site scripting (XSS) vulnerabilities in McAfee IntruShield Security Management System allow remote authenticated users to inject arbitrary web script or HTML via the (1) thirdMenuName or (2) resourceName parameter to SystemEvent.jsp. |
Risk And Classification
Primary CVSS: v2.0 1.9 from [email protected]
AV:L/AC:M/Au:N/C:N/I:P/A:N
Problem Types: NVD-CWE-Other | n/a
CVSS v2.0 Breakdown
Access Vector
LocalAccess Complexity
MediumAuthentication
NoneConfidentiality
NoneIntegrity
PartialAvailability
NoneAV:L/AC:M/Au:N/C:N/I:P/A:N
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Mcafee | Intrushield Security Management System | All | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| McAfee Security Management System Lets Remote Authenticated Users Gain Elevated Privileges - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | securitytracker.com | |
| 'McAfee Intrushield IPS Abuse' - MARC | af854a3a-2127-422b-91ae-364da2661108 | marc.info | |
| Secunia - Advisories - McAfee IntruShield Security Management System Vulnerabilities | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| 'Re: Re: McAfee Intrushield IPS Abuse' - MARC | af854a3a-2127-422b-91ae-364da2661108 | marc.info | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.