CVE-2023-40253

Summary

Improper Authentication vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Authentication Abuse.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.

Affected Software

VendorProductVersion RangeStatus
GeniansGenian NAC V4.0V4.0.0 <= V4.0.155affected
GeniansGenian NAC V5.0V5.0.0 <= V5.0.42 (Revision 117460)affected
GeniansGenian NAC Suite V5.0V5.0.0 <= V5.0.54affected
GeniansGenian ZTNAV6.0.0 <= V6.0.15affected

Weaknesses

  • CWE-78: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References