Vulnerability Description
McAfee IntruShield Security Management System obtains the user ID from the URL, which allows remote attackers to guess the Manager account and possibly gain privileges via a brute force attack.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mcafee | Intrushield Security Management System | All versions |
References
- http://marc.info/?l=bugtraq&m=112066594312876&w=2
- http://marc.info/?l=bugtraq&m=112076813804503&w=2
- http://securitytracker.com/id?1014422
- http://marc.info/?l=bugtraq&m=112066594312876&w=2
- http://marc.info/?l=bugtraq&m=112076813804503&w=2
- http://securitytracker.com/id?1014422
FAQ
What is CVE-2005-2188?
CVE-2005-2188 is a vulnerability with a CVSS score of 7.5 (HIGH). McAfee IntruShield Security Management System obtains the user ID from the URL, which allows remote attackers to guess the Manager account and possibly gain privileges via a brute force attack.
How severe is CVE-2005-2188?
CVE-2005-2188 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2188?
Check the references section above for vendor advisories and patch information. Affected products include: Mcafee Intrushield Security Management System.