CVE-2008-3289
HIGHEMC Dantz Retrospect Backup Client <7.5.116 - Info Disclosure
Title source: llmDescription
EMC Dantz Retrospect Backup Client 7.5.116 sends the password hash in cleartext at an unspecified point, which allows remote attackers to obtain sensitive information via a crafted packet.
References (8)
Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/43930
Broken Link, Patch, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/30308
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/4025
Broken Link, Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/494560/100/0/threaded
Broken Link x_refsource_confirm
http://kb.dantz.com/display/2/articleDirect/index.asp?aid=9692&r=0.5160639
Broken Link vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2150/references
Broken Link, Patch x_refsource_misc
http://www.fortiguardcenter.com/advisory/FGA-2008-16.html
Broken Link, Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/31186
Scores
CVSS v3
7.5
EPSS
0.0524
EPSS Percentile
91.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-319
Status
published
Products (1)
storcentric/retrospect_backup_client
7.5.116
Published
Jul 24, 2008
Tracked Since
Feb 18, 2026