Lucene search

[email protected]CVE-2005-2187

HistoryJul 11, 2005 - 4:00 a.m.

CVE-2005-2187

2005-07-1104:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-2187

vulnerability

mcafee

intrushield

security management system

remote access

report modification

7.1 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

55.5%

JSON

McAfee IntruShield Security Management System allows remote authenticated users to access the “Generate Reports” feature and modify alerts by setting the Access option to true, as demonstrated using the (1) fullAccess or (2) fullAccessRight parameter in reports-column-center.jsp, or (3) fullAccess parameter to SystemEvent.jsp.

CPENameOperatorVersion
mcafee:intrushield_security_management_systemmcafee intrushield security management systemeq*

CPE	Name	Operator	Version
mcafee:intrushield_security_management_system	mcafee intrushield security management system	eq	*

References

marc.info/?l=bugtraq&m=112066594312876&w=2

marc.info/?l=bugtraq&m=112076813804503&w=2

secunia.com/advisories/15961

securitytracker.com/id?1014422

7.1 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

55.5%

JSON