PT-2014-3244 · Opentext · Opentext Exceed Ondemand

Published 2014-05-19 · Updated 2014-05-19 · CVE-2013-6994

CVSS v2.0: 6.4 Medium

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions

OpenText Exceed OnDemand (EoD) version 8

Description

The issue allows remote attackers to perform session fixation attacks by sniffing the network, as the session ID is transmitted in cleartext.

Recommendations

For version 8, consider implementing encryption for session IDs to prevent them from being intercepted in cleartext, or apply a patch if one becomes available. As a temporary workaround, restrict access to sensitive networks to minimize the risk of exploitation.

Related Identifiers

CVE-2013-6994

Affected Products

Opentext Exceed Ondemand