5
CVE-2015-2864
- EPSS 3.34%
- Veröffentlicht 21.09.2015 10:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle cret@cert.org
- CVE-Watchlists
- Unerledigt
LoginRetrospect and Retrospect Client before 10.0.2.119 on Windows, before 12.0.2.116 on OS X, and before 10.0.2.104 on Linux improperly generate password hashes, which makes it easier for remote attackers to bypass authentication and obtain access to backup files by leveraging a collision.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Retrospect ≫ Retrospect Version10.0.2 SwPlatformwindows
Retrospect ≫ Retrospect Version12.0.2 SwPlatformmac
Retrospect ≫ Retrospect Client Version10.0.2 SwPlatformlinux
Retrospect ≫ Retrospect Client Version10.0.2 SwPlatformwindows
Retrospect ≫ Retrospect Client Version12.0.2 SwPlatformmac
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.34% | 0.871 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://www.kb.cert.org/vuls/id/101500
http://www.retrospect.com/support/kb/cve_2015_2864
http://www.securityfocus.com/bid/75201
http://www.securitytracker.com/id/1033948
https://www.youtube.com/watch?v=MB8AL5u7JCA