Lucene search
K

19 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-6609

Malware in sbrugna...

6.8CVSS6.4AI score0.00633EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2013-6607

Malware in sbrugna...

5CVSS6.4AI score0.00711EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2013-6795

Malware in sbrugna...

6.4CVSS6.4AI score0.01184EPSS
Exploits0References3
NVD
NVD
added 2014/05/19 2:55 p.m.12 views

CVE-2013-6806

OpenText Exceed OnDemand EoD 8 allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information via a crafted string in a response, which triggers a downgrade to simple authentication that sends credentials in plaintext...

6.8CVSS6.2AI score0.01031EPSS
Exploits0References1
NVD
NVD
added 2014/05/19 2:55 p.m.17 views

CVE-2013-6805

OpenText Exceed OnDemand EoD 8 uses weak encryption for passwords, which makes it easier for 1 remote attackers to discover credentials by sniffing the network or 2 local users to discover credentials by reading a .eod8 file...

5CVSS6.5AI score0.00711EPSS
Exploits0References1
NVD
NVD
added 2014/05/19 2:55 p.m.16 views

CVE-2013-6994

OpenText Exceed OnDemand EoD 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network...

6.4CVSS6.7AI score0.01184EPSS
Exploits0References1
NVD
NVD
added 2014/05/19 2:55 p.m.17 views

CVE-2013-6807

The client in OpenText Exceed OnDemand EoD 8 supports anonymous ciphers by default, which allows man-in-the-middle attackers to bypass server certificate validation, redirect a connection, and obtain sensitive information via crafted responses...

6.8CVSS6.1AI score0.00633EPSS
Exploits0References1
Prion
Prion
added 2014/05/19 2:55 p.m.16 views

Design/Logic Flaw

The client in OpenText Exceed OnDemand EoD 8 supports anonymous ciphers by default, which allows man-in-the-middle attackers to bypass server certificate validation, redirect a connection, and obtain sensitive information via crafted responses...

6.8CVSS6.6AI score0.00633EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2014/05/19 2:55 p.m.14 views

Design/Logic Flaw

OpenText Exceed OnDemand EoD 8 uses weak encryption for passwords, which makes it easier for 1 remote attackers to discover credentials by sniffing the network or 2 local users to discover credentials by reading a .eod8 file...

5CVSS7AI score0.00711EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2014/05/19 2:55 p.m.17 views

Session fixation

OpenText Exceed OnDemand EoD 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network...

6.4CVSS7.2AI score0.01184EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2014/05/19 2:55 p.m.12 views

Authentication flaw

OpenText Exceed OnDemand EoD 8 allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information via a crafted string in a response, which triggers a downgrade to simple authentication that sends credentials in plaintext...

6.8CVSS6.7AI score0.01031EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2014/05/19 2:0 p.m.21 views

CVE-2013-6805

OpenText Exceed OnDemand EoD 8 uses weak encryption for passwords, which makes it easier for 1 remote attackers to discover credentials by sniffing the network or 2 local users to discover credentials by reading a .eod8 file...

6.5AI score0.00711EPSS
Exploits0References1
Cvelist
Cvelist
added 2014/05/19 2:0 p.m.23 views

CVE-2013-6806

OpenText Exceed OnDemand EoD 8 allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information via a crafted string in a response, which triggers a downgrade to simple authentication that sends credentials in plaintext...

6.2AI score0.01031EPSS
Exploits0References1
CVE
CVE
added 2014/05/19 2:0 p.m.44 views

CVE-2013-6806

The CVE-2013-6806 entry concerns OpenText Exceed OnDemand (EoD) 8. A crafted response string allows a man-in-the-middle to disable bidirectional authentication, triggering a downgrade to simple authentication and sending credentials in plaintext. The vulnerability is network-exploitable with medi...

6.8CVSS6.3AI score0.01031EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2014/05/19 2:0 p.m.45 views

CVE-2013-6805

OpenText Exceed OnDemand (EoD) 8 is affected by CVE-2013-6805 due to weak password encryption. The vulnerability enables credential disclosure either by sniffing network traffic or by local access reading a .eod8 file. The description does not specify affected versions beyond EoD 8, nor the exact...

5CVSS6.7AI score0.00711EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2014/05/19 2:0 p.m.24 views

CVE-2013-6807

The client in OpenText Exceed OnDemand EoD 8 supports anonymous ciphers by default, which allows man-in-the-middle attackers to bypass server certificate validation, redirect a connection, and obtain sensitive information via crafted responses...

6.1AI score0.00633EPSS
Exploits0References1
CVE
CVE
added 2014/05/19 2:0 p.m.41 views

CVE-2013-6994

CVE-2013-6994 affects OpenText Exceed OnDemand (EoD) 8. The issue is that the session ID is transmitted in cleartext, allowing remote attackers to perform session fixation by sniffing the network. The NVD entry documents a network-based attack with low attack complexity and no required authentica...

6.4CVSS6.9AI score0.01184EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2014/05/19 2:0 p.m.43 views

CVE-2013-6807

CVE-2013-6807 affects OpenText Exceed OnDemand (EoD) 8. The vulnerability arises because the client supports anonymous ciphers by default, enabling man-in-the-middle attackers to bypass server certificate validation, redirect connections, and obtain sensitive information from crafted responses. R...

6.8CVSS6.2AI score0.00633EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2014/05/19 2:0 p.m.27 views

CVE-2013-6994

OpenText Exceed OnDemand EoD 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network...

6.7AI score0.01184EPSS
Exploits0References1
Rows per page
Query Builder