CNNVD-202512-4247 Information
CNNVD ID
CNNVD-202512-4247
Related CVE
- CNNVD Published: 2025-12-24
Description (Chinese)
Fsas Technologies ETERNUS SF等都是日本Fsas Technologies公司的产品。Fsas Technologies ETERNUS SF是一个储存系统复制与备份管理软件。Fujitsu ETERNUS SF ACM等都是日本富士通(Fujitsu)公司的产品。Fujitsu ETERNUS SF ACM是一个数据复制备份和恢复组件。Fujitsu ETERNUS SF Express是一个存储管理模块。Fujitsu ETERNUS SF Storage Cruiser是一个存储管理平台。 Fujitsu多款产品和Fsas多款产品存在日志信息泄露漏洞,该漏洞源于收集的维护数据可被非管理员访问,可能影响系统机密性、完整性和可用性。以下产品及版本受到影响:Fujitsu / Fsas Technologies ETERNUS SF ACM/SC/Express 16.8-16.9.1 PA 2025-12之前版本。
Description (English)
Fsas Technologies Eternus SF and others are products of the Japanese company Fsas Technologies. Fsas Technologies Eternus SF is a storage system copy and backup management software. Fujitsu Enernus SF ACM and others are products of Fujitsu Japan. Fujitsu ETERNUS SF ACM is a backup and recovery component for data reproduction. Fujitsu Eternus SF Express is a storage management module. Fujitsu ETERNUS SF Storage Cruiser is a storage management platform. There is a log-messaging gap between Fujitsu and Fsas products, which stems from the fact that maintenance data collected can be accessed by non-administrators and may affect the confidentiality, integrity and availability of the system. The following products and versions were affected: Fujitsu / Fsas Technologies ETERNUS EF ACM/SC/Express 16.8-16.9.1 pre-PA 2025-12.
Hazard Level
High
Vulnerability Type
日志信息泄露
Published
2025-12-24
Last Modified
2026-02-24
References
https://security.ts.fujitsu.com/ProductSecurity/content/FsasTech-PSIRT-FTI-STR-2025-111413-Security-Notice.pdf https://access.redhat.com/security/cve/cve-2025-68919
Patch
https://global.fujitsu/en-global
Share on: