Known Issues
| Bug ID | Title | Description |
|---|---|---|
| 60570 | OS Package Vulnerabilities Scheduled for Future Patches | CVEs Identified Before 5th September: CVE-2025-4598 (systemd) - This vulnerability in systemd-coredump allows for local information disclosure due to a race condition during core dump handling. In the Accops HySecure environment, core dump storage is disabled, and there are no unprivileged users, making exploitation highly unlikely. This fix is deferred due to the impact on product functionality. CVEs Identified After 5th September: CVE-2025-58060, CVE-2025-58364, CVE-2024-26726, CVE-2024-57883, CVE-2025-37948, CVE-2025-37958, CVE-2025-37963, CVE-2025-38000, CVE-2025-38001, CVE-2025-38003, CVE-2025-38004, CVE-2025-38034, CVE-2025-38035, CVE-2025-38037, CVE-2025-38044, CVE-2025-38048, CVE-2025-38051, CVE-2025-38052, CVE-2025-38058, CVE-2025-38061, CVE-2025-38066, CVE-2025-38068, CVE-2025-38072, CVE-2025-38075, CVE-2025-38077, CVE-2025-38078, CVE-2025-38079, CVE-2025-38083, CVE-2025-38084, CVE-2025-38085, CVE-2025-38086, CVE-2025-38094, CVE-2025-38100, CVE-2025-38102, CVE-2025-38103, CVE-2025-38107, CVE-2025-38108, CVE-2025-38111, CVE-2025-38112, CVE-2025-38115, CVE-2025-38119, CVE-2025-38120, CVE-2025-38122, CVE-2025-38136, CVE-2025-38146, CVE-2025-38147, CVE-2025-38154, CVE-2025-38157, CVE-2025-38159, CVE-2025-38160, CVE-2025-38161, CVE-2025-38163, CVE-2025-38174, CVE-2025-38180, CVE-2025-38181, CVE-2025-38184, CVE-2025-38185, CVE-2025-38190, CVE-2025-38193, CVE-2025-38194, CVE-2025-38197, CVE-2025-38200, CVE-2025-38206, CVE-2025-38211, CVE-2025-38212, CVE-2025-38214, CVE-2025-38222, CVE-2025-38229, CVE-2025-38231, CVE-2025-38245, CVE-2025-38249, CVE-2025-38251, CVE-2025-38263, CVE-2025-38273, CVE-2025-38280, CVE-2025-38285, CVE-2025-38293, CVE-2025-38298, CVE-2025-38305, CVE-2025-38310, CVE-2025-38312, CVE-2025-38319, CVE-2025-38320, CVE-2025-38323, CVE-2025-38324, CVE-2025-38326, CVE-2025-38328, CVE-2025-38332, CVE-2025-38336, CVE-2025-38337, CVE-2025-38342, CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38348, CVE-2025-38350, CVE-2025-38352, CVE-2025-38363, CVE-2025-38380, CVE-2025-38386, CVE-2025-38387, CVE-2025-38389, CVE-2025-38391, CVE-2025-38393, CVE-2025-38395, CVE-2025-38399, CVE-2025-38400, CVE-2025-38403, CVE-2025-38404, CVE-2025-38406, CVE-2025-38410, CVE-2025-38412, CVE-2025-38415, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420, CVE-2025-38424, CVE-2025-38430, CVE-2025-38498, CVE-2025-30722, CVE-2025-30693, CVE-2023-52970, CVE-2023-52969, CVE-2023-52971** The CVEs listed above require either local access, specific configurations, or enabled features that are not present or exposed in HySecure. Hence, the complexity and probability of successful exploitation are extremely low. These will be addressed in the upcoming patch cycle. |
| 54198 | Upgrade Entry Missing for Active and Standby Nodes | After applying this release, the HySecure database may not have the upgrade entries for the Active and Standby nodes corresponding to this hotfix. Although the Admin log, Upgrade log, and upgrade entry in files will be available. |
| 46950 | World Writable Files and Directories exist on HySecure | There exist a few files and directories on the server with world-writable permissions (rw-rw-rw-). This is a low-risk, low-severity issue that requires additional evaluation and validation before modifying permissions to prevent any impact on functionality. However, the following compensating controls are in place to reduce risk exposure: No unprivileged users exist on the server who could exploit these permissions. Access to the server is restricted to authorized administrators only. |