CVE-2013-6807

OpenText Exceed OnDemand 8 - Man-in-the-Middle Attack via Anonymous Cipher Support

Title source: llm

Description

The client in OpenText Exceed OnDemand (EoD) 8 supports anonymous ciphers by default, which allows man-in-the-middle attackers to bypass server certificate validation, redirect a connection, and obtain sensitive information via crafted responses.

References (1)

Core 1

Core References

Various Sources x_refsource_misc

https://github.com/koto/exceed-mitm

View Writeup ZIP pw:eip

Scores

EPSS 0.0063

EPSS Percentile 45.5%

Details

CWE

CWE-310

Status published

Products (1)

opentext/exceed_ondemand 8.0

Published May 19, 2014

Tracked Since Feb 18, 2026