CVE-2015-2864
Published Sep 21, 2015
Last updated 8 years ago
Overview
- Description
- Retrospect and Retrospect Client before 10.0.2.119 on Windows, before 12.0.2.116 on OS X, and before 10.0.2.104 on Linux improperly generate password hashes, which makes it easier for remote attackers to bypass authentication and obtain access to backup files by leveraging a collision.
- Source
- cret@cert.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-255
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:retrospect:retrospect:10.0.2:*:*:*:*:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "F0D942BA-5CB8-4428-B9F9-477CEF95F305"
},
{
"criteria": "cpe:2.3:a:retrospect:retrospect:12.0.2:*:*:*:*:mac:*:*",
"vulnerable": true,
"matchCriteriaId": "F0D24914-4CFC-4308-ABCE-41257B297481"
},
{
"criteria": "cpe:2.3:a:retrospect:retrospect_client:10.0.2:*:*:*:*:linux:*:*",
"vulnerable": true,
"matchCriteriaId": "67779501-A19B-41A9-92C9-DE01072EB5A6"
},
{
"criteria": "cpe:2.3:a:retrospect:retrospect_client:10.0.2:*:*:*:*:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "584D8E51-0FA8-45CB-B982-40F5B0AB36C8"
},
{
"criteria": "cpe:2.3:a:retrospect:retrospect_client:12.0.2:*:*:*:*:mac:*:*",
"vulnerable": true,
"matchCriteriaId": "CEF6B991-A24F-48BF-BFEC-A592A04A8619"
}
],
"operator": "OR"
}
]
}
]