Remote authenticated users can exploit vulnerability in McAfee IntruShield Security Management System to modify alerts and access the Generate Reports feature.

Remote authenticated users can exploit vulnerability in McAfee IntruShield Security Management System to modify alerts and access the Generate Reports feature.

CVE-2005-2187 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

McAfee IntruShield Security Management System allows remote authenticated users to access the "Generate Reports" feature and modify alerts by setting the Access option to true, as demonstrated using the (1) fullAccess or (2) fullAccessRight parameter in reports-column-center.jsp, or (3) fullAccess parameter to SystemEvent.jsp.

Learn more about our User Device Pen Test.