Known Issues
| Bug ID | Title | Description |
|---|---|---|
| 57036 | OS Package Vulnerabilities Scheduled for Future Patches | CVEs identified before 18th June: CVE-2025-23419, CVE-2022-41742, CVE-2024-7347, CVE-2022-41741 (nginx) These NGINX-related vulnerabilities require specific configurations, such as multiple server blocks using client certificate authentication (CVE-2025-23419), enabling HTTP/2 (CVE-2022-41742), the use of the mp4 directive (CVE-2024-7347), or the presence of Go-based components (CVE-2022-41741). In the Accops HySecure environment, none of these conditions are met. As a result, these CVEs are not exploitable. This fix is deferred due to the impact on product functionality. CVE-2025-4598 (systemd) This vulnerability in systemd-coredump allows local information disclosure due to a race condition during core dump handling. In the Accops HySecure environment, core dump storage is disabled, and there are no unprivileged users, making exploitation unlikely. This fix is deferred due to the impact on product functionality. CVE-2024-36357, CVE-2024-36350 (kernel-uek) Successful exploitation of these CVEs requires specific conditions such as the ability to execute untrusted code on the server and perform high-resolution timing measurements, typically achievable only in shared, multi-tenant, or virtualized environments. Given the tightly controlled nature of the HySecure appliance, with terminal access to a single user only, no multi-tenant workloads, and no guest virtualization, the complexity and probability of successful exploitation are extremely low. CVEs identified after 10th July: CVE-2024-36350,CVE-2024-36357,CVE-2023-52572,CVE-2023-52572,CVE-2023-52621,CVE-2023-52757,CVE-2024-26686,CVE-2024-26739,CVE-2024-26952,CVE-2024-27402,CVE-2024-35790,CVE-2024-35866,CVE-2024-35867,CVE-2024-35943,CVE-2024-36350,CVE-2024-36357,CVE-2024-36908,CVE-2024-38540,CVE-2024-38541,CVE-2024-42160,CVE-2024-42322,CVE-2024-44938,CVE-2024-46742,CVE-2024-46751,CVE-2024-46774,CVE-2024-46784,CVE-2024-46816,CVE-2024-49960,CVE-2024-49989,CVE-2024-50047,CVE-2024-50125,CVE-2024-50258,CVE-2024-50272,CVE-2024-50280,CVE-2024-53128,CVE-2024-53185,CVE-2024-53203,CVE-2024-54458,CVE-2024-56551,CVE-2024-56599,CVE-2024-56655,CVE-2024-56658,CVE-2024-56751,CVE-2025-21681,CVE-2025-21839,CVE-2025-21853,CVE-2025-22027,CVE-2025-22062,CVE-2025-23140,CVE-2025-23142,CVE-2025-23144,CVE-2025-23145,CVE-2025-23146,CVE-2025-23147,CVE-2025-23148,CVE-2025-23150,CVE-2025-23151,CVE-2025-23156,CVE-2025-23157,CVE-2025-23158,CVE-2025-23159,CVE-2025-23161,CVE-2025-23163,CVE-2025-37738,CVE-2025-37739,CVE-2025-37740,CVE-2025-37741,CVE-2025-37742,CVE-2025-37749,CVE-2025-37752,CVE-2025-37756,CVE-2025-37757,CVE-2025-37758,CVE-2025-37765,CVE-2025-37766,CVE-2025-37767,CVE-2025-37768,CVE-2025-37770,CVE-2025-37771,CVE-2025-37773,CVE-2025-37780,CVE-2025-37781,CVE-2025-37787,CVE-2025-37788,CVE-2025-37789,CVE-2025-37790,CVE-2025-37792,CVE-2025-37794,CVE-2025-37796,CVE-2025-37797,CVE-2025-37803,CVE-2025-37805,CVE-2025-37808,CVE-2025-37810,CVE-2025-37812,CVE-2025-37817,CVE-2025-37819,CVE-2025-37823,CVE-2025-37824,CVE-2025-37829,CVE-2025-37830,CVE-2025-37836,CVE-2025-37838,CVE-2025-37839,CVE-2025-37840,CVE-2025-37841,CVE-2025-37844,CVE-2025-37850,CVE-2025-37857,CVE-2025-37858,CVE-2025-37859,CVE-2025-37862,CVE-2025-37867,CVE-2025-37875,CVE-2025-37881,CVE-2025-37883,CVE-2025-37885,CVE-2025-37890,CVE-2025-37892,CVE-2025-37905,CVE-2025-37909,CVE-2025-37911,CVE-2025-37913,CVE-2025-37914,CVE-2025-37915,CVE-2025-37923,CVE-2025-37927,CVE-2025-37929,CVE-2025-37930,CVE-2025-37940,CVE-2025-37949,CVE-2025-37967,CVE-2025-37969,CVE-2025-37970,CVE-2025-37982,CVE-2025-37983,CVE-2025-37985,CVE-2025-37989,CVE-2025-37990,CVE-2025-37991,CVE-2025-37992,CVE-2025-37994,CVE-2025-37995,CVE-2025-37997,CVE-2025-37998,CVE-2025-38005,CVE-2025-38009,CVE-2025-38023,CVE-2025-38024,CVE-2025-38031,CVE-2025-38089,CVE-2024-36357,CVE-2024-36350, CVE-2024-52615 The CVEs listed above require either local access, specific configurations, or enabled features that are not present or exposed in HySecure. Hence, they are not exploitable in the current environment. These will be addressed in the upcoming patch cycle. |
| 54198 | Upgrade Entry Missing for Active and Standby Nodes | After applying this release, the HySecure database may not have the upgrade entries for the Active and Standby nodes corresponding to this hotfix. Although the Admin log, Upgrade log, and upgrade entry in files will be available. |
| 46950 | World Writable Files and Directories exist on HySecure | There exist a few files and directories on the server with world-writable permissions (rw-rw-rw-). This is a low-risk, low-severity issue that requires additional evaluation and validation before modifying permissions to prevent any impact on functionality. However, the following compensating controls are in place to reduce risk exposure: No unprivileged users exist on the server who could exploit these permissions. Access to the server is restricted to authorized administrators only. |