Release Notes
Release Date: June 2026
Version: CCC 4.5.1
Welcome to CCC 4.5.1. This release focuses on improved platform reliability, validated scalability for enterprise-scale deployments, enhanced accessibility, and a strengthened security posture. The sections below cover what is new, key changes, advisories, compatibility details, and issues still under review.
Release Highlights
CCC 4.5.1 delivers targeted improvements across reliability, security, accessibility, and enterprise readiness. This release resolves issues identified through accessibility and ADA reviews, validates performance at enterprise scale, and remediates known vulnerabilities while refreshing outdated components. Together, these changes strengthen the platform's stability, security, and readiness for production environments.
Accessibility Improvements
CCC 4.5.1 resolves several issues identified through ongoing accessibility reviews and ADA guidance, resulting in a more consistent, accessible, and dependable experience across the platform. These improvements address behaviors observed in customer and production environments and take effect automatically upon upgrade, requiring no configuration changes from administrators or end users.
Enterprise Scalability Validation
This release further validates CCC's readiness for enterprise-scale deployments through extensive performance and scalability testing. The results confirm that the platform maintains stable and predictable operation under demanding workloads, giving administrators confidence in deploying CCC across large environments.
Security Enhancements
CCC 4.5.1 includes a comprehensive set of security improvements designed to reduce risk and keep the platform current. Known Common Vulnerabilities and Exposures (CVEs) have been remediated, and components identified through security assessments have been updated to address known risks.
Platform Updates
CCC 4.5.1 also refreshes application dependencies, base operating system packages, and underlying platform technologies to incorporate the latest upstream improvements and maintain long-term support. These updates are applied automatically as part of the upgrade process and require no additional configuration.
Minimum Luna SA Firmware Requirements for CCC 4.5.1
CCC relies on specific Luna SA software and firmware versions to support various HSM management and monitoring capabilities. The table below outlines the minimum Luna SA versions required to use these operations within CCC.
| Capability | Minimum SA Version | Minimum SA Firmware |
|---|---|---|
| Device Monitoring (Full) | 7.3.0 | 7.3.0 |
| Apply Software Package | 7.3.0 | 7.3.0 |
| Update Firmware | 7.3.0 | 7.3.0 |
| Service Monitoring | 7.4.0 | 7.4.0 |
Advisories
These advisories highlight version-specific behaviors and conditions that may affect certain workflows in CCC 4.5.1.
Luna HSM 7.8.4 and 7.8.5 — REST API Performance Degradation
Customers using Luna HSM firmware 7.8.4 or 7.8.5 may observe gradual performance degradation on REST API calls to partition resources, which can also affect CCC operations. This issue does not affect firmware 7.8.3 or earlier. Apply the relevant patch — KB0028956 for 7.8.5-20, or KB0028955 for 7.8.4-350 — or limit/downgrade REST API usage until the patch is applied. See KB0028804 for full details.
Luna HSM 7.1 — Incorrect CPU Usage Reporting
Luna Network HSM firmware 7.1 always reports HSM CPU usage as 99.9%, regardless of actual performance. This value is inaccurate and should not be used for operational assessment within CCC.
ccc_client — PED-Authenticated HA Group Deployment
If an incorrect challenge password is entered during deployment of a PED-authenticated HSM partition HA group using ccc_client, the service may appear as deployed but will remain non-operational. Relaunch ccc_client, revoke the service, and redeploy following the steps in the CCC User Guide.
Luna Appliance Software 7.3.3 and 7.3.4 — Feature Limitations
Devices running Luna appliance software 7.3.3 or 7.3.4 may experience restricted CCC functionality, as certain features are not supported on these firmware versions.
Security & Operational Guidance
These recommendations help maintain a secure, stable, and resilient CCC deployment.
Security Guidelines
Refer to the Security Guidelines for detailed recommendations on protecting your deployment against threats such as code injection, MITM attacks, and DoS attacks.
Server Monitoring
CCC cannot notify users if the CCC server becomes unavailable. We recommend using an external server monitoring system to track availability, health, and continuity of your CCC deployment.
Compatibility Information
The Hardware and Software Requirements page of the CCC User Guide provides complete compatibility details for supported platforms, operating systems, and managed devices. Reviewing this page ensures your environment meets the certified requirements for a stable and fully supported CCC deployment.
Supported Versions of CCC
We support the three most recent released versions of CCC. Security patches and bug fixes are applied on an ongoing basis to the latest versions. If a critical issue arises, we may recommend upgrading to the latest version to ensure optimal stability and security. While older versions may not receive regular updates, our support teams remain available to help you get the most value from your existing deployment.
Upgrade Instructions
Upgrading to CCC 4.5.1 follows a structured, data-preserving process, and some older versions require an intermediate upgrade before moving to 4.5.1. To ensure a smooth transition and retain all existing configurations, logs, and database content, review the upgrade prerequisites and follow the version-specific steps outlined in the official Upgrading CCC guide.
Resolved Issues
The following issues reported in earlier versions have been resolved in this release, resulting in a smoother, more reliable, and more predictable CCC experience:
| Issue ID | Severity | Description & Resolution |
|---|---|---|
| CCC-16708 | Medium | In IPv4-only virtual machine environments (with IPv6 disabled), the CCC database container failed on its first startup because the database initialization process expected networking conditions that were not present. This is fixed in 4.5.1. The database container now initializes successfully on first startup. |
| CCC-16711 | Medium | Certain UI elements were not visible when Windows 11 was configured in Dark mode. This is fixed in 4.5.1. UI elements now display correctly in Dark mode. |
| CCC-16751 | Medium | On HSMs running appliance version 7.9.0 or later, if Policy 58 was enabled, the "Include in service data" toggle in the CCC Service Monitoring section appeared permanently disabled. This is fixed in 4.5.1. Service monitoring now works correctly regardless of whether Policy 58 is enabled or disabled. |
| CCC-16789 | Medium | When attempting to upgrade a Luna SA appliance, the upgrade silently failed. CCC showed no error, the device rebooted, and the appliance remained on the same version with no upgrade applied. This happened because the file size limit for the upgrade request was hardcoded, causing the appliance to reject it when there was insufficient space. This is fixed in 4.5.1. The file size limit is now calculated dynamically based on the actual package size, and Luna SA appliance upgrades complete successfully. |
Known Issues
These are the issues currently being tracked that may affect specific workflows. Where possible, recommended workarounds or operational guidance are provided.
| Issue ID | Severity | Description & Workaround |
|---|---|---|
| CCC-8819 | Medium | In some cases, deregistration does not complete after an organization change, leaving the service in an inconsistent state. Workaround: Manually detach the service, re-import the device, redeploy, and then revoke the old configuration to restore normal operation. |
| CCC-12639 | Medium | When using ccc_client.jar, exiting the certificate validation prompt may result in an unexpected error message. Workaround: This error is harmless and has no impact on subsequent executions. Simply re-run ccc_client.jar and accept the certificate validation prompt. |
| CCC-14667 | Medium | Entering an incorrect Crypto Officer (CO) password may cause CCC to display an invalid Log Off button instead of the correct error feedback. Workaround: Simply ignore the button state and retry with the correct CO password; normal behavior resumes once a valid password is supplied. |
| CCC-16025 | Medium | Migration of V1 services from 7.8.x partitions may fail due to underlying compatibility limitations. Workaround: There is no workaround available at this time; affected migrations cannot proceed until engineering releases a fix. |
| RAPI-6096 | Medium | CCC may be unable to retrieve Luna logs from Luna SA appliances running firmware versions 7.9.0 and 7.9.1 because the underlying REST API does not return a valid response. Workaround: Upgrade the appliance to firmware version 7.9.2, which resolves this issue. |
Contacting Thales Support
If you require assistance at any point, contact Thales Customer Support.