CVE-2005-2187
Summary
| CVE | CVE-2005-2187 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2005-07-11 04:00:00 UTC |
| Updated | 2025-04-03 01:03:51 UTC |
| Description | McAfee IntruShield Security Management System allows remote authenticated users to access the "Generate Reports" feature and modify alerts by setting the Access option to true, as demonstrated using the (1) fullAccess or (2) fullAccessRight parameter in reports-column-center.jsp, or (3) fullAccess parameter to SystemEvent.jsp. |
Risk And Classification
Primary CVSS: v2.0 4.6 from [email protected]
AV:L/AC:L/Au:N/C:P/I:P/A:P
Problem Types: NVD-CWE-Other | n/a
CVSS v2.0 Breakdown
Access Vector
LocalAccess Complexity
LowAuthentication
NoneConfidentiality
PartialIntegrity
PartialAvailability
PartialAV:L/AC:L/Au:N/C:P/I:P/A:P
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Mcafee | Intrushield Security Management System | All | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| McAfee Security Management System Lets Remote Authenticated Users Gain Elevated Privileges - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | securitytracker.com | |
| 'McAfee Intrushield IPS Abuse' - MARC | af854a3a-2127-422b-91ae-364da2661108 | marc.info | |
| Secunia - Advisories - McAfee IntruShield Security Management System Vulnerabilities | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| 'Re: Re: McAfee Intrushield IPS Abuse' - MARC | af854a3a-2127-422b-91ae-364da2661108 | marc.info | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.