CVE-2013-6807

2014-05-1914:00:00

mitre

www.cve.org

AI Score

6.1

Confidence

Low

EPSS

0.001

Percentile

32.4%

JSON

The client in OpenText Exceed OnDemand (EoD) 8 supports anonymous ciphers by default, which allows man-in-the-middle attackers to bypass server certificate validation, redirect a connection, and obtain sensitive information via crafted responses.

References

github.com/koto/exceed-mitm