Session Fixation Vulnerability in OpenText Exceed OnDemand Product
CVE-2013-6994

Currently unrated

Key Information:

Vendor: Opentext
Status: Exceed Ondemand
Vendor: CVE Published:; 19 May 2014

What is CVE-2013-6994?

OpenText Exceed OnDemand version 8 is prone to a session fixation vulnerability due to transmitting session IDs in cleartext over the network. This flaw allows remote attackers to intercept the session ID and potentially take control of user sessions. Ensuring secure transmission protocols and implementing session management best practices are essential to mitigate risks associated with this vulnerability.

References

https://github.com/koto/exceed-mitm

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 19, 2014
Vulnerability Reserved
Dec 6, 2013

Opentext

What is CVE-2013-6994?

References

Timeline