Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The client in OpenText Exceed OnDemand (EoD) 8 supports anonymous ciphers by default, which allows man-in-the-middle attackers to bypass server certificate validation, redirect a connection, and obtain sensitive information via crafted responses.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenText Exceed OnDemand 安全绕过漏洞
Vulnerability Description
OpenText Exceed OnDemand(EoD)是加拿大OpenText公司的一套专为企业设计的用于远程访问托管应用程序的解决方案。该方案支持多用户共享同一个Exceed onDemand进程、暂停和恢复Exceed onDemand进程、本地打印等。 EoD 8版本的客户端存在安全漏洞,该漏洞源于程序默认支持匿名密码。攻击者可借助特制的响应利用该漏洞实施中间人攻击,绕过服务器证书验证,重定向连接,获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A