CVE-2013-6805

OpenText Exceed OnDemand EoD 8 uses weak encryption for passwords, which makes it easier for 1 remote attackers to discover credentials by sniffing the network or 2 local users to discover credentials by reading a .eod8 file...

CVE-2013-6994

CVE-2013-6994 affects OpenText Exceed OnDemand (EoD) 8. The issue is that the session ID is transmitted in cleartext, allowing remote attackers to perform session fixation by sniffing the network. The NVD entry documents a network-based attack with low attack complexity and no required authentica...

CVE-2013-6806

The CVE-2013-6806 entry concerns OpenText Exceed OnDemand (EoD) 8. A crafted response string allows a man-in-the-middle to disable bidirectional authentication, triggering a downgrade to simple authentication and sending credentials in plaintext. The vulnerability is network-exploitable with medi...

CVE-2013-6807

CVE-2013-6807 affects OpenText Exceed OnDemand (EoD) 8. The vulnerability arises because the client supports anonymous ciphers by default, enabling man-in-the-middle attackers to bypass server certificate validation, redirect connections, and obtain sensitive information from crafted responses. R...