Vulnerabilites related to OSC - ondemand
CVE-2025-58435 (GCVE-0-2025-58435)
Vulnerability from cvelistv5
Published
2025-09-09 19:43
Modified
2025-09-10 13:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-262 - Not Using Password Aging
Summary
Open OnDemand is an open-source HPC portal. Prior to versions 3.1.15 and 4.0.7, noVNC interactive applications did not correctly rotate the password when TurboVNC was higher than version 3.1.2. The likelihood of exploitation is low as a user would need to share their link to an active desktop session and the other user would need to be authenticated to the portal. But obtaining the link would allow that user to perform any actions as the original user and access their data. Open OnDemand 3.1.15 and 4.0.7 have patched this vulnerability and correctly rotate passwords for any version of TurboVNC. As a workaround, downgrade TurboVNC to a version lower than 3.1.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/OSC/ondemand/security/advisories/GHSA-7vh8-mw9f-5r99 | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58435",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-10T13:54:14.049896Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T13:54:22.197Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ondemand",
"vendor": "OSC",
"versions": [
{
"status": "affected",
"version": "\u003c 3.1.15"
},
{
"status": "affected",
"version": "\u003e= 4.0.0-0.rc1, \u003c 4.0.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Open OnDemand is an open-source HPC portal. Prior to versions 3.1.15 and 4.0.7, noVNC interactive applications did not correctly rotate the password when TurboVNC was higher than version 3.1.2. The likelihood of exploitation is low as a user would need to share their link to an active desktop session and the other user would need to be authenticated to the portal. But obtaining the link would allow that user to perform any actions as the original user and access their data. Open OnDemand 3.1.15 and 4.0.7 have patched this vulnerability and correctly rotate passwords for any version of TurboVNC. As a workaround, downgrade TurboVNC to a version lower than 3.1.2."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-262",
"description": "CWE-262: Not Using Password Aging",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T19:43:47.379Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OSC/ondemand/security/advisories/GHSA-7vh8-mw9f-5r99",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OSC/ondemand/security/advisories/GHSA-7vh8-mw9f-5r99"
}
],
"source": {
"advisory": "GHSA-7vh8-mw9f-5r99",
"discovery": "UNKNOWN"
},
"title": "Open OnDemand didn\u0027t rotate password for VNC batch_connect"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-58435",
"datePublished": "2025-09-09T19:43:47.379Z",
"dateReserved": "2025-09-01T20:03:06.532Z",
"dateUpdated": "2025-09-10T13:54:22.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53636 (GCVE-0-2025-53636)
Vulnerability from cvelistv5
Published
2025-07-11 21:20
Modified
2025-07-14 20:13
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Open OnDemand is an open-source HPC portal. Users can flood logs by interacting with the shell app and generating many errors. Users who flood logs can create very large log files causing a Denial of Service (DoS) to the ondemand system. This vulnerability is fixed in 3.1.14 and 4.0.6.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/OSC/ondemand/security/advisories/GHSA-x5xv-fw37-v524 | x_refsource_CONFIRM | |
| https://github.com/OSC/ondemand/commit/40800d68cd019c5f1c48b2deafebba6dff4abee2 | x_refsource_MISC | |
| https://github.com/OSC/ondemand/commit/96f29b995e1add7562516614e4dc8d961987e8b4 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53636",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-14T14:45:51.860688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-14T20:13:13.885Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ondemand",
"vendor": "OSC",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.6, \u003c 3.1.14"
},
{
"status": "affected",
"version": "\u003e= 4.0.0-0.rc1, \u003c 4.0.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Open OnDemand is an open-source HPC portal. Users can flood logs by interacting with the shell app and generating many errors. Users who flood logs can create very large log files causing a Denial of Service (DoS) to the ondemand system. This vulnerability is fixed in 3.1.14 and 4.0.6."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-779",
"description": "CWE-779: Logging of Excessive Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-11T21:20:14.261Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OSC/ondemand/security/advisories/GHSA-x5xv-fw37-v524",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OSC/ondemand/security/advisories/GHSA-x5xv-fw37-v524"
},
{
"name": "https://github.com/OSC/ondemand/commit/40800d68cd019c5f1c48b2deafebba6dff4abee2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OSC/ondemand/commit/40800d68cd019c5f1c48b2deafebba6dff4abee2"
},
{
"name": "https://github.com/OSC/ondemand/commit/96f29b995e1add7562516614e4dc8d961987e8b4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OSC/ondemand/commit/96f29b995e1add7562516614e4dc8d961987e8b4"
}
],
"source": {
"advisory": "GHSA-x5xv-fw37-v524",
"discovery": "UNKNOWN"
},
"title": "Open OnDemand Shell App closed websocket DoS"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-53636",
"datePublished": "2025-07-11T21:20:14.261Z",
"dateReserved": "2025-07-07T14:20:38.390Z",
"dateUpdated": "2025-07-14T20:13:13.885Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}