Lucene search
K
OpentextExceed Ondemand

4 matches found

CVE
CVE
added 2014/05/19 2:0 p.m.46 views

CVE-2013-6805

OpenText Exceed OnDemand (EoD) 8 is affected by CVE-2013-6805 due to weak password encryption. The vulnerability enables credential disclosure either by sniffing network traffic or by local access reading a .eod8 file. The description does not specify affected versions beyond EoD 8, nor the exact...

5CVSS6.7AI score0.00711EPSS
CVE
CVE
added 2014/05/19 2:0 p.m.45 views

CVE-2013-6806

The CVE-2013-6806 entry concerns OpenText Exceed OnDemand (EoD) 8. A crafted response string allows a man-in-the-middle to disable bidirectional authentication, triggering a downgrade to simple authentication and sending credentials in plaintext. The vulnerability is network-exploitable with medi...

6.8CVSS6.3AI score0.01031EPSS
CVE
CVE
added 2014/05/19 2:0 p.m.44 views

CVE-2013-6807

CVE-2013-6807 affects OpenText Exceed OnDemand (EoD) 8. The vulnerability arises because the client supports anonymous ciphers by default, enabling man-in-the-middle attackers to bypass server certificate validation, redirect connections, and obtain sensitive information from crafted responses. R...

6.8CVSS6.2AI score0.00633EPSS
CVE
CVE
added 2014/05/19 2:0 p.m.42 views

CVE-2013-6994

CVE-2013-6994 affects OpenText Exceed OnDemand (EoD) 8. The issue is that the session ID is transmitted in cleartext, allowing remote attackers to perform session fixation by sniffing the network. The NVD entry documents a network-based attack with low attack complexity and no required authentica...

6.4CVSS6.9AI score0.01184EPSS