{"api_version":"1","generated_at":"2026-05-02T09:09:08+00:00","cve":"CVE-2005-2187","urls":{"html":"https://cve.report/CVE-2005-2187","api":"https://cve.report/api/cve/CVE-2005-2187.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2005-2187","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2005-2187"},"summary":{"title":"CVE-2005-2187","description":"McAfee IntruShield Security Management System allows remote authenticated users to access the \"Generate Reports\" feature and modify alerts by setting the Access option to true, as demonstrated using the (1) fullAccess or (2) fullAccessRight parameter in reports-column-center.jsp, or (3) fullAccess parameter to SystemEvent.jsp.","state":"PUBLISHED","assigner":"mitre","published_at":"2005-07-11 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.6","severity":"","vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://securitytracker.com/id?1014422","name":"http://securitytracker.com/id?1014422","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"McAfee Security Management System Lets Remote Authenticated Users Gain Elevated Privileges - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=112066594312876&w=2","name":"http://marc.info/?l=bugtraq&m=112066594312876&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"'McAfee Intrushield IPS Abuse' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/15961","name":"http://secunia.com/advisories/15961","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - McAfee IntruShield Security Management System Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=112076813804503&w=2","name":"http://marc.info/?l=bugtraq&m=112076813804503&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"'Re: Re: McAfee Intrushield IPS Abuse' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2005-2187","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-2187","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2005","cve_id":"2187","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mcafee","cpe5":"intrushield_security_management_system","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T22:15:37.666Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"20050706 Re: Re: McAfee Intrushield IPS Abuse","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=112076813804503&w=2"},{"name":"1014422","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1014422"},{"name":"15961","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/15961"},{"name":"20050706 McAfee Intrushield IPS Abuse","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=112066594312876&w=2"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2005-07-06T00:00:00.000Z","descriptions":[{"lang":"en","value":"McAfee IntruShield Security Management System allows remote authenticated users to access the \"Generate Reports\" feature and modify alerts by setting the Access option to true, as demonstrated using the (1) fullAccess or (2) fullAccessRight parameter in reports-column-center.jsp, or (3) fullAccess parameter to SystemEvent.jsp."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2016-10-17T13:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"20050706 Re: Re: McAfee Intrushield IPS Abuse","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://marc.info/?l=bugtraq&m=112076813804503&w=2"},{"name":"1014422","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1014422"},{"name":"15961","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/15961"},{"name":"20050706 McAfee Intrushield IPS Abuse","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://marc.info/?l=bugtraq&m=112066594312876&w=2"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2005-2187","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"McAfee IntruShield Security Management System allows remote authenticated users to access the \"Generate Reports\" feature and modify alerts by setting the Access option to true, as demonstrated using the (1) fullAccess or (2) fullAccessRight parameter in reports-column-center.jsp, or (3) fullAccess parameter to SystemEvent.jsp."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"20050706 Re: Re: McAfee Intrushield IPS Abuse","refsource":"BUGTRAQ","url":"http://marc.info/?l=bugtraq&m=112076813804503&w=2"},{"name":"1014422","refsource":"SECTRACK","url":"http://securitytracker.com/id?1014422"},{"name":"15961","refsource":"SECUNIA","url":"http://secunia.com/advisories/15961"},{"name":"20050706 McAfee Intrushield IPS Abuse","refsource":"BUGTRAQ","url":"http://marc.info/?l=bugtraq&m=112066594312876&w=2"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2005-2187","datePublished":"2005-07-10T04:00:00.000Z","dateReserved":"2005-07-10T00:00:00.000Z","dateUpdated":"2024-08-07T22:15:37.666Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2005-07-11 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:h:mcafee:intrushield_security_management_system:*:*:*:*:*:*:*:*","matchCriteriaId":"12AD8168-6076-49CA-A468-602B060B5553"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2005","CveId":"2187","Ordinal":"1","Title":"CVE-2005-2187","CVE":"CVE-2005-2187","Year":"2005"},"notes":[{"CveYear":"2005","CveId":"2187","Ordinal":"1","NoteData":"McAfee IntruShield Security Management System allows remote authenticated users to access the \"Generate Reports\" feature and modify alerts by setting the Access option to true, as demonstrated using the (1) fullAccess or (2) fullAccessRight parameter in reports-column-center.jsp, or (3) fullAccess parameter to SystemEvent.jsp.","Type":"Description","Title":"CVE-2005-2187"},{"CveYear":"2005","CveId":"2187","Ordinal":"2","NoteData":"2005-07-10","Type":"Other","Title":"Published"},{"CveYear":"2005","CveId":"2187","Ordinal":"3","NoteData":"2016-10-17","Type":"Other","Title":"Modified"}]}}}