CVE-2005-2187

high

Description

McAfee IntruShield Security Management System allows remote authenticated users to access the "Generate Reports" feature and modify alerts by setting the Access option to true, as demonstrated using the (1) fullAccess or (2) fullAccessRight parameter in reports-column-center.jsp, or (3) fullAccess parameter to SystemEvent.jsp.

References

http://securitytracker.com/id?1014422

http://secunia.com/advisories/15961

http://marc.info/?l=bugtraq&m=112076813804503&w=2

http://marc.info/?l=bugtraq&m=112066594312876&w=2

Details

Source: Mitre, NVD

Published: 2005-07-11

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

Severity: High

EPSS

EPSS: 0.00312