Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Exceed ondemand'
2014-05-19
CVE-2013-6994
CWE-310
OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
CVE-2013-6807
CWE-310
The client in OpenText Exceed OnDemand (EoD) 8 supports anonymous ciphers by default, which allows man-in-the-middle attackers to bypass server certificate validation, redirect a connection, and obtain sensitive information via crafted responses.
CVE-2013-6806
CWE-287
OpenText Exceed OnDemand (EoD) 8 allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information via a crafted string in a response, which triggers a downgrade to simple authentication that sends credentials in plaintext.
CVE-2013-6805
CWE-310
OpenText Exceed OnDemand (EoD) 8 uses weak encryption for passwords, which makes it easier for (1) remote attackers to discover credentials by sniffing the network or (2) local users to discover credentials by reading a .eod8 file.
>>>
Vendor:
Opentext
16
Produkty
Opentext firstclass desktop client
Documentum administrator
Documentum webtop
Livelink ecm
Documentum content server
Opentext/ixos ecm for sap netweaver
Document sciences xpression
Exceed ondemand
Documentum d2
Content server
Secure mft 2013
Secure mft 2014
Tempo box
Opentext portal
Brava\! desktop
Brava\!
Copyright
2024
, cxsecurity.com
Back to Top
Podatności dla 'Exceed ondemand' 
Polish
English