Weak Password Encryption in OpenText Exceed OnDemand by OpenText
CVE-2013-6805

Currently unrated

Key Information:

Vendor: Opentext
Status: Exceed Ondemand
Vendor: CVE Published:; 19 May 2014

What is CVE-2013-6805?

OpenText Exceed OnDemand (EoD) 8 utilizes weak encryption methods for user passwords, considerably increasing the risk of credential exposure. This vulnerability enables remote attackers to intercept and decipher sensitive credentials through network sniffing techniques. Moreover, local users can easily access these credentials by inspecting the .eod8 files, making the system susceptible to unauthorized access. It is crucial for users to be aware of this security flaw and consider appropriate mitigations.

References

https://github.com/koto/exceed-mitm

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 19, 2014
Vulnerability Reserved
Nov 17, 2013

Opentext

What is CVE-2013-6805?

References

Timeline