32 matches found
CVE-2023-38535
CVE-2023-38535 affects OpenText Exceed Turbo X versions 12.5.1 and 12.5.2. Root cause is hard-coded cryptographic keys, potentially allowing compromise of keys and impacting confidentiality, integrity, and availability. Publicly documented CVSSv3.1 metrics indicate a 9.8 (CRITICAL) score via netw...
CVE-2023-38534
Improper authentication vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.0 and 12.5.1. The vulnerability could allow disclosure of restricted information in unauthenticated RPC...
OpenText Exceed Turbo X Security Vulnerability
OpenText Exceed Turbo X is a virtual desktop software from OpenText Canada. A security vulnerability exists in OpenText Exceed Turbo X versions 12.5.1 and 12.5.2 that stems from the use of hard-coded encryption keys in the application...
OpenText Exceed Turbo X Security Vulnerability
OpenText Exceed Turbo X is a virtual desktop software from OpenText Canada. A security vulnerability exists in OpenText Exceed Turbo X version 12.5.1, which originates from the application disclosing restricted information in an unauthenticated RPC...
CVE-2013-6805
OpenText Exceed OnDemand EoD 8 uses weak encryption for passwords, which makes it easier for 1 remote attackers to discover credentials by sniffing the network or 2 local users to discover credentials by reading a .eod8 file...
CVE-2013-6994
OpenText Exceed OnDemand EoD 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network...
CVE-2013-6807
The client in OpenText Exceed OnDemand EoD 8 supports anonymous ciphers by default, which allows man-in-the-middle attackers to bypass server certificate validation, redirect a connection, and obtain sensitive information via crafted responses...
Design/Logic Flaw
The client in OpenText Exceed OnDemand EoD 8 supports anonymous ciphers by default, which allows man-in-the-middle attackers to bypass server certificate validation, redirect a connection, and obtain sensitive information via crafted responses...
Design/Logic Flaw
OpenText Exceed OnDemand EoD 8 uses weak encryption for passwords, which makes it easier for 1 remote attackers to discover credentials by sniffing the network or 2 local users to discover credentials by reading a .eod8 file...
CVE-2013-6805
OpenText Exceed OnDemand EoD 8 uses weak encryption for passwords, which makes it easier for 1 remote attackers to discover credentials by sniffing the network or 2 local users to discover credentials by reading a .eod8 file...
CVE-2013-6806
OpenText Exceed OnDemand EoD 8 allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information via a crafted string in a response, which triggers a downgrade to simple authentication that sends credentials in plaintext...
CVE-2013-6807
The client in OpenText Exceed OnDemand EoD 8 supports anonymous ciphers by default, which allows man-in-the-middle attackers to bypass server certificate validation, redirect a connection, and obtain sensitive information via crafted responses...