OpenText Exceed OnDemand Vulnerability in Bidirectional Authentication
CVE-2013-6806

Currently unrated

Key Information:

Vendor: Opentext
Status: Exceed Ondemand
Vendor: CVE Published:; 19 May 2014

Summary

OpenText Exceed OnDemand version 8 is susceptible to an authentication bypass vulnerability that enables man-in-the-middle attackers to circumvent bidirectional authentication. By crafting a specific response string, attackers can downgrade the authentication process to a less secure method, causing sensitive information, including user credentials, to be transmitted in plaintext. This vulnerability poses significant risks as it allows unauthorized access and potential exploitation of confidential data.

References

https://github.com/koto/exceed-mitm

x_refsource_MISC

Timeline

Vulnerability published
May 19, 2014
Vulnerability Reserved
Nov 17, 2013