{"api_version":"1","generated_at":"2026-04-08T13:34:46+00:00","cve":"CVE-2005-2285","urls":{"html":"https://cve.report/CVE-2005-2285","api":"https://cve.report/api/cve/CVE-2005-2285.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2005-2285","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2005-2285"},"summary":{"title":"CVE-2005-2285","description":"WebEOC before 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remote attackers to obtain information such as Usernames, Passwords, Emergency information, medical information, and system configuration.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2005-07-18 04:00:00","updated_at":"2008-09-05 20:51:00"},"problem_types":["NVD-CWE-Other"],"metrics":[],"references":[{"url":"http://www.kb.cert.org/vuls/id/165290","name":"VU#165290","refsource":"CERT-VN","tags":["Patch","US Government Resource"],"title":"US-CERT Vulnerability Note VU#165290","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.kb.cert.org/vuls/id/JGEI-6BWPXL","name":"http://www.kb.cert.org/vuls/id/JGEI-6BWPXL","refsource":"CONFIRM","tags":[],"title":"ESi Information for VU#165290","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2005-2285","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-2285","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2005","cve_id":"2285","vulnerable":"1","versionEndIncluding":"6.0.1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"esi_products","cpe5":"webeoc","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2005-2285","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"WebEOC before 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remote attackers to obtain information such as Usernames, Passwords, Emergency information, medical information, and system configuration."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"VU#165290","refsource":"CERT-VN","url":"http://www.kb.cert.org/vuls/id/165290"},{"name":"http://www.kb.cert.org/vuls/id/JGEI-6BWPXL","refsource":"CONFIRM","url":"http://www.kb.cert.org/vuls/id/JGEI-6BWPXL"}]}},"nvd":{"publishedDate":"2005-07-18 04:00:00","lastModifiedDate":"2008-09-05 20:51:00","problem_types":["NVD-CWE-Other"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5},"severity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:esi_products:webeoc:*:*:*:*:*:*:*:*","versionEndIncluding":"6.0.1","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2005","CveId":"2285","Ordinal":"12172","Title":"CVE-2005-2285","CVE":"CVE-2005-2285","Year":"2005"},"notes":[{"CveYear":"2005","CveId":"2285","Ordinal":"1","NoteData":"WebEOC before 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remote attackers to obtain information such as Usernames, Passwords, Emergency information, medical information, and system configuration.","Type":"Description","Title":null},{"CveYear":"2005","CveId":"2285","Ordinal":"2","NoteData":"2005-07-17","Type":"Other","Title":"Published"},{"CveYear":"2005","CveId":"2285","Ordinal":"3","NoteData":"2021-06-15","Type":"Other","Title":"Modified"}]}}}