PT-2023-27348 · Genians · Genian Ztna+2
Published
2023-08-11
·
Updated
2023-08-29
·
CVE-2023-40253
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Genians Genian NAC versions 4.0.0 through 4.0.155
Genians Genian NAC versions 5.0.0 through 5.0.42 (Revision 117460)
Genians Genian NAC Suite versions 5.0.0 through 5.0.54
Genians Genian ZTNA versions 6.0.0 through 6.0.15
Description
The issue is related to an Improper Authentication vulnerability, allowing Authentication Abuse or Functionality Misuse. This vulnerability affects various versions of Genians Genian NAC, Genian NAC Suite, and Genian ZTNA.
Recommendations
For Genians Genian NAC versions 4.0.0 through 4.0.155, update to a version later than 4.0.155 to resolve the issue.
For Genians Genian NAC versions 5.0.0 through 5.0.42 (Revision 117460), update to a version later than 5.0.42 (Revision 117460) to resolve the issue.
For Genians Genian NAC Suite versions 5.0.0 through 5.0.54, update to a version later than 5.0.54 to resolve the issue.
For Genians Genian ZTNA versions 6.0.0 through 6.0.15, update to a version later than 6.0.15 to resolve the issue.
Fix
OS Command Injection
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Genian Nac
Genian Nac Suite
Genian Ztna