Описание
Retrospect and Retrospect Client before 10.0.2.119 on Windows, before 12.0.2.116 on OS X, and before 10.0.2.104 on Linux improperly generate password hashes, which makes it easier for remote attackers to bypass authentication and obtain access to backup files by leveraging a collision.
Ссылки
- Third Party AdvisoryUS Government Resource
- PatchVendor Advisory
- Exploit
- Third Party AdvisoryUS Government Resource
- PatchVendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:retrospect:retrospect:10.0.2:*:*:*:*:windows:*:*
cpe:2.3:a:retrospect:retrospect:12.0.2:*:*:*:*:mac:*:*
cpe:2.3:a:retrospect:retrospect_client:10.0.2:*:*:*:*:linux:*:*
cpe:2.3:a:retrospect:retrospect_client:10.0.2:*:*:*:*:windows:*:*
cpe:2.3:a:retrospect:retrospect_client:12.0.2:*:*:*:*:mac:*:*
EPSS
Процентиль: 64%
0.00479
Низкий
5 Medium
CVSS2
Дефекты
CWE-255
Связанные уязвимости
github
больше 3 лет назад
Retrospect and Retrospect Client before 10.0.2.119 on Windows, before 12.0.2.116 on OS X, and before 10.0.2.104 on Linux improperly generate password hashes, which makes it easier for remote attackers to bypass authentication and obtain access to backup files by leveraging a collision.
EPSS
Процентиль: 64%
0.00479
Низкий
5 Medium
CVSS2
Дефекты
CWE-255