CVE-2013-6806

Opentext Exceed Ondemand - Authentication Bypass

Title source: rule

Description

OpenText Exceed OnDemand (EoD) 8 allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information via a crafted string in a response, which triggers a downgrade to simple authentication that sends credentials in plaintext.

References (1)

[Various Sources] https://github.com/koto/exceed-mitm

View Writeup ZIP pw:eip

Scores

EPSS 0.0023

EPSS Percentile 45.5%

Classification

CWE

CWE-287

Status draft

Affected Products (1)

opentext/exceed_ondemand

Timeline

Published May 19, 2014

Tracked Since Feb 18, 2026