Описание
OpenText Exceed OnDemand (EoD) 8 allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information via a crafted string in a response, which triggers a downgrade to simple authentication that sends credentials in plaintext.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:opentext:exceed_ondemand:8.0:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00229
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
OpenText Exceed OnDemand (EoD) 8 allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information via a crafted string in a response, which triggers a downgrade to simple authentication that sends credentials in plaintext.
EPSS
Процентиль: 46%
0.00229
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-287