Lucene search

[email protected]CVE-2005-3034

HistoryOct 03, 2022 - 4:22 p.m.

CVE-2005-3034

2022-10-0316:22:38

[email protected]

web.nvd.nist.gov

compuware

driverstudio

remote control

authentication bypass

null session

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.5%

JSON

Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 beta 2 allows remote attackers to bypass authentication via a null session.

Affected configurations

NVD

Node

compuwaredriverstudioMatch2.7

compuwaredriverstudioMatch3.0_beta_2

CPENameOperatorVersion
compuware:driverstudiocompuware driverstudioeq2.7
compuware:driverstudiocompuware driverstudioeq3.0_beta_2

CPE	Name	Operator	Version
compuware:driverstudio	compuware driverstudio	eq	2.7
compuware:driverstudio	compuware driverstudio	eq	3.0_beta_2

References

lists.seifried.org/pipermail/security/2005-September/009956.html

secunia.com/advisories/16838

www.securityfocus.com/bid/14837

www.xfocus.net/articles/200509/821.html

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.5%

JSON

Related for CVE-2005-3034

nvd1 cvelist1