CNNVD-202509-1181 Information

CNNVD ID

CNNVD-202509-1181

Related CVE

CVE-2025-58435

• CNNVD Published: 2025-09-09

Description (Chinese)

Open OnDemand是Ohio Supercomputer Center开源的一个通过Web实现开放式交互式HPC的软件。 Open OnDemand 3.1.15和4.0.7之前版本存在安全漏洞，该漏洞源于密码轮换不当，可能导致会话劫持。

Description (English)

Open OnDemand is an open interactive HPC software from the Open Supercomputer Center open source through Web. Open OnDemand 3.1.15 and before 4.0.7, there was a security loophole, which stemmed from improper password rotation, which could lead to the hijacking of conversations.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Ohio Supercomputer Center

Published

2025-09-09

Last Modified

2026-02-24

References

https://github.com/OSC/ondemand/security/advisories/GHSA-7vh8-mw9f-5r99 https://access.redhat.com/security/cve/cve-2025-58435

Patch

https://github.com/OSC/ondemand/releases