CVE-2005-2187

Sažetak

McAfee IntruShield Security Management System allows remote authenticated users to access the "Generate Reports" feature and modify alerts by setting the Access option to true, as demonstrated using the (1) fullAccess or (2) fullAccessRight parameter in reports-column-center.jsp, or (3) fullAccess parameter to SystemEvent.jsp.

Reference

http://marc.info/?l=bugtraq&m=112066594312876&w=2
http://marc.info/?l=bugtraq&m=112076813804503&w=2
http://secunia.com/advisories/15961
http://securitytracker.com/id?1014422

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

18-10-2016 - 03:25

Objavljeno

11-07-2005 - 04:00