CVE-2025-58435
BaseFortify

Publication date: 2025-09-09

Last updated on: 2025-09-11

Assigner: GitHub, Inc.

Description
Open OnDemand is an open-source HPC portal. Prior to versions 3.1.15 and 4.0.7, noVNC interactive applications did not correctly rotate the password when TurboVNC was higher than version 3.1.2. The likelihood of exploitation is low as a user would need to share their link to an active desktop session and the other user would need to be authenticated to the portal. But obtaining the link would allow that user to perform any actions as the original user and access their data. Open OnDemand 3.1.15 and 4.0.7 have patched this vulnerability and correctly rotate passwords for any version of TurboVNC. As a workaround, downgrade TurboVNC to a version lower than 3.1.2.
Meta Information
Published: 2025-09-09
Last Modified: 2025-09-11
Generated: 2026-05-07
AI Q&A: 2025-09-09
EPSS Evaluated: 2026-05-05
NVD
Affected Vendors & Products (3 associated CPEs)
Vendor    | Product   | Version / Range
turbo_vnc | turbo_vnc | 3.1.2
ondemand  | ondemand  | 4.0.6
ondemand  | ondemand  | 3.1.14
CWE ID  | Description
CWE-262 | The product does not have a mechanism in place for managing password aging.
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection involves verifying the Open OnDemand version and the TurboVNC version in use. Check if Open OnDemand is running a version prior to 3.1.15 or 4.0.7 and if TurboVNC is above version 3.1.2. You can use commands like 'ondemand --version' or check the installed package version for Open OnDemand, and 'vncserver -version' or 'turboVNC -version' to determine the TurboVNC version. Additionally, monitor for shared active desktop session links being accessed by multiple authenticated users, which could indicate exploitation attempts. [1]
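To make the version check above repeatable, here is an added example (not BaseFortify's or Open OnDemand's own code) that tests whether an Open OnDemand / TurboVNC version pair falls inside the range the advisory describes. It assumes the two version strings have already been obtained from the installation (the `ondemand --version` and TurboVNC commands named above are not verified here), are dot-separated numerics such as "4.0.6", and that `report` is a hypothetical wrapper for printing the verdict.

```shell
#!/bin/sh
# Added example: classify an Open OnDemand / TurboVNC version pair against CVE-2025-58435.
# Assumption: versions are dot-separated numerics; a suffix after a field's digits
# (e.g. "6-1") is ignored, and missing trailing fields count as 0.

# ver_lt A B: exit 0 if A < B, compared field by field (pure POSIX sh, no sort -V).
ver_lt() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        af="${a%%.*}"; bf="${b%%.*}"
        af="${af%%[!0-9]*}"; bf="${bf%%[!0-9]*}"   # keep only the leading digits
        [ -n "$af" ] || af=0
        [ -n "$bf" ] || bf=0
        if [ "$af" -lt "$bf" ]; then return 0; fi
        if [ "$af" -gt "$bf" ]; then return 1; fi
        case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
        case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
    done
    return 1   # versions are equal
}

# cve_2025_58435_affected OOD_VERSION TURBOVNC_VERSION: exit 0 if affected.
# Advisory range: Open OnDemand before 3.1.15 (3.x line) or before 4.0.7 (4.x line),
# combined with TurboVNC higher than 3.1.2. The workaround text says "lower than 3.1.2",
# so a cautious operator may also want to treat 3.1.2 itself as in scope.
cve_2025_58435_affected() {
    ood="$1"; tvnc="$2"
    if ! ver_lt "3.1.2" "$tvnc"; then return 1; fi      # TurboVNC not above 3.1.2
    if ver_lt "$ood" "4.0"; then fixed="3.1.15"; else fixed="4.0.7"; fi
    ver_lt "$ood" "$fixed"
}

# Hypothetical wrapper: print a verdict for one version pair.
report() {
    if cve_2025_58435_affected "$1" "$2"; then
        echo "Open OnDemand $1 + TurboVNC $2: AFFECTED (upgrade OOD or downgrade TurboVNC)"
    else
        echo "Open OnDemand $1 + TurboVNC $2: not in the affected range"
    fi
}

# Constructed sample pairs; pass your own two versions as arguments instead.
if [ "$#" -eq 2 ]; then
    report "$1" "$2"
else
    report 4.0.6 3.1.3     # affected
    report 3.1.14 3.1.3    # affected
    report 4.0.7 3.1.3     # fixed release
    report 4.0.6 3.1.2     # TurboVNC not above 3.1.2
fi
```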


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include upgrading Open OnDemand to version 3.1.15 or 4.0.7 or later, where the vulnerability is patched. Alternatively, downgrade TurboVNC to a version lower than 3.1.2 to avoid the password rotation issue. Also, restrict sharing of active desktop session links and ensure that only trusted authenticated users have access to the portal. [1]


Can you explain this vulnerability to me?

This vulnerability in Open OnDemand occurs because noVNC interactive applications do not properly rotate the VNC password when TurboVNC is used at versions higher than 3.1.2. If a user shares a link to an active desktop session, another authenticated user who obtains this link can perform any actions as the original user and access their data. The issue arises from a lack of password rotation, which means the password remains valid and unchanged, allowing unauthorized access through the shared session link. [1]


How can this vulnerability impact me?

If exploited, this vulnerability allows an authenticated user who obtains a shared session link to act as the original user, performing any actions and accessing their data within the Open OnDemand portal. This could lead to unauthorized data access and potential misuse of the original user's privileges. However, the likelihood of exploitation is low because the attacker must both receive the session link and be authenticated to the portal. [1]

