CVE DATABASE / CVE-2008-3289
CVE-2008-3289
CVSS 7.5 · HIGH
Summary
EMC Dantz Retrospect Backup Client 7.5.116 sends the password hash in cleartext at an unspecified point, which allows remote attackers to obtain sensitive information via a crafted packet.
CVSS 3.1 breakdown
| Base score | 7.5 (HIGH) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity | NONE |
| Availability | NONE |
Weakness type (CWE)
Affected products
Storcentric retrospect backup client
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://kb.dantz.com/display/2/articleDirect/index.asp?aid=9692&r=0.5160639
- http://secunia.com/advisories/31186
- http://securityreason.com/securityalert/4025
- http://www.fortiguardcenter.com/advisory/FGA-2008-16.html
- http://www.securityfocus.com/archive/1/494560/100/0/threaded
- http://www.securityfocus.com/bid/30308
- http://www.vupen.com/english/advisories/2008/2150/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43930
Data: NIST NVD. NVD last modified 2026-04-23. Always verify against the vendor advisory before acting.