CVE-2025-58435

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-58435

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-58435.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-58435

Aliases

GHSA-7vh8-mw9f-5r99

Published

2025-09-09T19:43:47.379Z

Modified

2026-04-10T05:32:53.291839Z

Severity

4.1 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U CVSS Calculator

Summary

Open OnDemand didn't rotate password for VNC batch_connect

Details

Open OnDemand is an open-source HPC portal. Prior to versions 3.1.15 and 4.0.7, noVNC interactive applications did not correctly rotate the password when TurboVNC was higher than version 3.1.2. The likelihood of exploitation is low as a user would need to share their link to an active desktop session and the other user would need to be authenticated to the portal. But obtaining the link would allow that user to perform any actions as the original user and access their data. Open OnDemand 3.1.15 and 4.0.7 have patched this vulnerability and correctly rotate passwords for any version of TurboVNC. As a workaround, downgrade TurboVNC to a version lower than 3.1.2.

Database specific

{
    "cwe_ids": [
        "CWE-262"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/58xxx/CVE-2025-58435.json",
    "cna_assigner": "GitHub_M"
}

References

Affected packages

Git / github.com/osc/ondemand

Affected ranges

Type

GIT

Repo

https://github.com/osc/ondemand

Events

Introduced

Fixed

819c23ed466b552c08bbcecd83cda51037e63eae

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.1.15"
        }
    ]
}

Type

GIT

Repo

https://github.com/osc/ondemand

Events

Introduced

58a5ee99bcb03af6512e9cb21015be49047d465e

Fixed

73da684f4900b363a143ada553d02b3a22090c38

Database specific

{
    "versions": [
        {
            "introduced": "4.0.0-0.rc1"
        },
        {
            "fixed": "4.0.7"
        }
    ]
}

Affected versions

v.*

v.3.1.3

v1.*

v1.2.1

v1.3.0

v1.3.1

v1.3.2

v1.3.3

v1.3.4

v1.3.5

v1.3.6

v1.3.7

v1.4.0

v1.4.1

v1.4.10

v1.4.2

v1.4.3

v1.4.4

v1.4.5

v1.4.6

v1.4.7

v1.4.8

v1.5.0

v1.5.1

v1.5.2

v1.5.3

v1.5.4

v1.5.5

v1.6

v1.6.0

v1.6.1

v1.6.10

v1.6.11

v1.6.12

v1.6.12_citest

v1.6.13

v1.6.14

v1.6.15

v1.6.16

v1.6.17

v1.6.17-2

v1.6.18

v1.6.18_rc1

v1.6.19

v1.6.2

v1.6.3

v1.6.4

v1.6.5

v1.6.6

v1.6.7

v1.6.8

v1.6.8_cr3

v1.6.9

v1.7.0

v1.7.0-2

v1.7.0_rc1

v1.7.0_rc2

v1.7.1

v1.7.10

v1.7.10-2

v1.7.11

v1.7.12

v1.7.14

v1.7.2

v1.7.2_demo

v1.7.2_demo-2

v1.7.3

v1.7.3-2

v1.7.3-3

v1.7.4

v1.7.5

v1.7.6

v1.7.7

v1.7.7_rc1

v1.7.7_rc2

v1.7.7_rc3

v1.7.7_rc4

v1.7.7_rc5

v1.7.8

v1.7.9

v1.8.0

v1.8.1

v1.8.10

v1.8.11

v1.8.12

v1.8.13

v1.8.13-2

v1.8.14

v1.8.15

v1.8.16

v1.8.17

v1.8.18

v1.8.19-2

v1.8.2

v1.8.3

v1.8.4

v1.8.5

v1.8.6

v1.8.7

v1.8.8

v1.8.9

v2.*

v2.0.0

v2.0.1

v2.0.10

v2.0.11

v2.0.12

v2.0.13

v2.0.14

v2.0.15

v2.0.16

v2.0.2

v2.0.3

v2.0.4

v2.0.5

v2.0.6

v2.0.7

v2.0.8

v2.0.9

v2.1.0

v2.1.0-0.rc1

v2.1.0-0.rc2

v2.1.0-0.rc3

v2.1.0-0.rc4

v2.1.0-0.rc5

v2.1.0-0.rc6

v2.1.0-0.rc7

v2.1.0-0.rc8

v2.1.0-0.rc9

v2.1.0-0.start

v2.1.0-0.start.1

v2.1.0-0.start.2

v2.1.0-0.start.3

v2.1.0-0.start.4

v3.*

v3.0.0

v3.0.0-0.rc1

v3.0.1

v3.1.0

v3.1.0-0.1.start.1

v3.1.0-0.rc1

v3.1.0-0.rc2

v3.1.1

v3.1.10

v3.1.11

v3.1.12

v3.1.13

v3.1.14

v3.1.4

v3.1.5

v3.1.6

v3.1.7

v3.1.8

v3.1.9

v4.*

v4.0.0

v4.0.0-0.rc1

v4.0.1

v4.0.2

v4.0.3

v4.0.4

v4.0.5

v4.0.6

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-58435.json"