PT-2025-29283 · Unknown · Open Ondemand

Csc-Swesters

Publicado

2025-07-11

Atualizado

2025-07-12

CVE-2025-53636

CVSS v3.1

5.4

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Name of the Vulnerable Software and Affected Versions: Open OnDemand versions prior to 3.1.14 Open OnDemand versions prior to 4.0.6

Description: Open OnDemand, an open-source HPC portal, is susceptible to a denial-of-service (DoS) condition. By interacting with the shell application and generating numerous errors, users can flood logs, creating excessively large log files. This log flooding can lead to a DoS attack against the Open OnDemand system.

Recommendations: Update Open OnDemand to version 3.1.14 or later. Update Open OnDemand to version 4.0.6 or later.

Exploit

Correção

DoS

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-779CWE-400

Identificadores relacionados

CVE-2025-53636

GHSA-X5XV-FW37-V524

Produtos afetados

Open Ondemand

PT-2025-29283 · Unknown · Open Ondemand

CVE-2025-53636

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 10