Genian NAC 5.0.53 Release Notes (2023-02-22)
Last Updated: 2023-07-20
Security Vulnerability
| Revision | Key | Components | Description | Affects Versions | CVSS Score |
|---|---|---|---|---|---|
| 116659 | GN-26814 | Center | Code improvements to Bufferoverflow | 2 | |
| 114720 | GN-26368 | WebUI | Vulnerability where an administrator's API key is exposed to other administrators | 5.3 | |
| 114214 | GN-26392 | WebUI | Vulnerability that allows unprivileged administrators to download debug logs | 2.9 | |
| 113219 | GN-26460 | Windows Agent | A vulnerability that allows an ordinary user to obtain PC administrator rights via an agent | 5.0.0, 6.0.0 | 4.6 |
| 112785 | GN-26286 | WebUI | An issue where Google OTP 2-step verification can pass 2-step verification by receiving a new security key | 6.5 | |
| 111886 | GN-26150 | WebUI | Tomcat version upgrade (9.0.68 -> 9.0.72, 8.5.78 -> 8.5.86) | ||
| 111844 | GN-26205 | Database | MySQL version upgrade 5.7.40 -> 5.7.41 | ||
| 111681 | GN-25869 | CWP | A problem where only an account (ID) is authenticated when CWP is authenticated using the agent user authentication menu when the IP management message is first on | 6.0.3, 5.0.46 | 3.4 |
| 111257 | GN-26062 | Center, macOS Agent, Sensor, Windows Agent | OpenSSL 1.1.1t upgrade - Passing random pointers to memcmp calls can read memory contents or cause denial of service | 7.4 |
New Features and Improvements
| Revision | Key | Components | Description | Affects Versions |
|---|---|---|---|---|
| 118280 | GN-26838 | Ubuntu(Debian) | [General-purpose OS] ICMP Timestamp support removed | |
| 117757 | GN-26702 | WebUI | A function that outputs a warning when external access is permitted from the policy server | |
| 117448 | GN-26769 | Linux Agent | Linux Agent, development of distribution plug-ins based on Sigstore electronic signatures | |
| 116767 | GN-26826 | geniup | A problem where a disk runs out when performing geniup on a UEFI system | |
| 116532 | GN-26705 | Center | Electronic signature verification of update server distribution data via SLSA | |
| 116395 | GN-26844 | Center, Sensor | Display whether the sensor can be accessed externally in sensor information (public IP) | |
| 115885 | GN-26786 | Center | Electronic signature verification for WSUSSCN2.CAB received from the update server | |
| 114255 | GN-26328 | WebUI | Improved to include node group names when downloading node groups in Excel | |
| 112651 | GN-26337 | macOS Agent | Add a macro for the user path to the macOS action execution condition | |
| 112523 | GN-26163 | Sensor | Changed to use the Dnsmasq Cache feature | |
| 112450 | GN-25704 | Sensor | Fixed so that CWP redirect works even when connecting via PROXY | |
| 112249 | GN-26255 | WebUI | Increase OTP input length to 32 characters | |
| 111932 | GN-25550 | WebUI | Improved so that a list of places of use can be output and deleted on the detailed screen of node/control actions | |
| 111632 | GN-26135 | macOS Agent | Added macOS file distribution options and improved logic related to file execution | 5.0.35 |
| 111418 | GN-25739 | WebUI | Add management roles when registering users in batches | |
| 111369 | GN-25990 | WebUI | User add/update function through SAML Assertion Attribute (user information) | |
| 111369 | GN-25630 | Center | Improved to enable BULK transmission when linked to an external WEBHOOK function of the audit log search filter | |
| 111369 | GN-25517 | WebUI | Improvement for columns that cannot be sorted due to the application of a converter in the node list | |
| 111369 | GN-25337 | WebUI | Improved so that audit logs generated during a specific time period can be set as a search filter every day |
Issues Fixed
| Revision | Key | Components | Description | Affects Versions |
|---|---|---|---|---|
| 117427 | GN-26213 | WebUI | An issue where an option value that does not change when assigning a node group after creating a node policy appears to have changed | 5.0.44 |
| 117233 | GN-26852 | Center, Genian Syncer | An issue where Mobilebrowser data cannot be updated when uploading Genie data via Syncer, and an issue where CVE data versions cannot be updated | 4.1.0 |
| 117182 | GN-26770 | Center, Sensor | [General-purpose OS] A problem where the sensor does not work as a distribution server | 5.0.29 |
| 116853 | GN-26839 | Center, Sensor | Policy Server/Sensor Memory Rick (Genie Update and Node Scan (https)) issues | 4.0.14 |
| 116616 | GN-26779 | WebUI | A problem where a warning message is output even when the log server (elasticsearch) is in a normal state | 5.0.23 |
| 116581 | GN-26758 | Windows Agent | If the agent runs on a local system, the Store app fails to be deleted through the program removal plug-in | 5.0.42, 6.0.0 |
| 116343 | GN-26623 | WebUI | A problem where the IP expiration time is not displayed when exporting to Excel when the node management view is an IP management view | 5.0.50 |
| 115785 | GN-26749 | ElasticSearch | [General-purpose OS] An issue where ES does not run properly intermittently because communication with Elastic is blocked by the Iptables policy | 5.0.31 |
| 115639 | GN-26727 | Sensor | [General-purpose OS] A problem where a DHCP server that assigns the same DNS as the sensor is detected as an abnormal DHCP server | |
| 115493 | GN-25887 | WebUI | Subcategories are not displayed in the multi-level category structure within the status 현황&필터의 노드그룹 내에 다단계의 카테고리 구조에서 하위 카테고리가 표시되지 않음 filter node group | 5.0.42, 5.0.45, 6.0.2 |
| 115289 | GN-26719 | WebUI | An issue where when creating a time object from the Policy > Object > Time menu causes the date to be stored incorrectly if the System Timezone and Administrator Timezone are different | 5.0.34 |
| 115122 | GN-26428 | Center | A problem that may fail depending on the OS type when upgrading the deb image through the console UI | 5.0.42, 6.0.12 |
| 115022 | GN-26607 | GenianOS | The problem of not being able to connect to the Genian Monitor program from the IP that allows access to the management WEBUI | 5.0.42, 5.0.50, 5.0.53, 6.0.13 |
| 114824 | GN-26647 | WebUI | Fixed an issue where Disk column content was not displayed on the system management screen | 5.0.23 |
| 114668 | GN-25626 | WebUI | An issue where regular users are searched even when the visitor's email approval target is an administrator | 4.0.M8 |
| 114312 | GN-26597 | WebUI | A problem where query reports are not generated when the DB/Log server is separated | 5.0.37 |
| 114300 | GN-26532 | WebUI | Fixed an issue where the number of NIC vendor status did not match | |
| 114265 | GN-26609 | WebUI | An error occurs when registering a node using the node addition field (user selector-mapping column name) | 5.0.42, 5.0.50, 6.0.11 |
| 114197 | GN-26440 | WebUI | There is no change in the tag, but the node details are also updated and processed when the node details are modified | 5.0.22, 6.0.4 |
| 114197 | GN-26425 | WebUI | A problem where the data does not include the parent department when selecting the user department in the node group condition | 5.0.35 |
| 114153 | GN-26280 | Center | A problem where a multi-sensor device is registered in an approved state when re-registered after deleting it | 6.0.8, 5.0.50 |
| 114066 | GN-26566 | WebUI | An issue where the changed information was updated and not displayed when the tab was moved after updating the node information | 5.0.50 |
| 113986 | GN-26476 | WebUI | Correction of errors on the execution results status page for each action | 5.0.50 |
| 113970 | GN-26299 | Center | Authentication acceptance issue even if the domain is different from the user domain associated with authentication | 5.0.53 |
| 113961 | GN-26272 | Center | SMTP authentication integration - Abnormal user authentication issue when using [account] @ [domain] ID format | 5.0.53 |
| 113769 | GN-25776 | Center | Improved so that password change expiration notifications are not displayed for users without a password and synchronized users (READ ONLY) | 4.0.18 |
| 113732 | GN-26549 | Sensor | Intermittent dnsmasq daemon restart symptoms | 6.0.12, 5.0.53 |
| 113655 | GN-26554 | Sensor | Too many open file errors occur in Ubuntu NAC Center/Sensor Equipment and the sensor status goes down | 5.0.51, 6.0.11 |
| 113594 | GN-26319 | WebUI | A problem where when clicking on the management device name on the audit log screen, node management is not retrieved and all are output | 5.0.38 |
| 113556 | GN-26448 | WebUI | An error where policy server information is not output from the system list after installing the Compose method | 5.0.6 |
| 113541 | GN-26540 | Windows Agent | Windows 11 is incorrectly displayed as Windows 10 when selecting the plug-in 'Applicable OS' in the English management console. | 5.0.42, 6.0.0 |
| 113486 | GN-26267 | WebUI | An issue where today's audit log is not output from Audit > Logs before 9:00 KST | 4.0.17 |
| 113400 | GN-26357 | WebUI | A problem where the old version of the detailed screen is displayed when returning to the basic status from the target node list on the new node group detail screen | 5.0.35 |
| 113373 | GN-26518 | Center | An issue where information collected by the agent (updateinfo) may be deleted | 5.0.52, 6.0.13 |
| 113357 | GN-26322 | macOS Agent | An issue where CPU usage increases when receiving macOS notification messages | 5.0.27 |
| 113343 | GN-26446 | Center | An issue where the center daemon's fd increases when the LDAP connection fails | 5.0.41, 4.0.145, 6.0.0 |
| 113322 | GN-26444 | WebUI | Symptoms of not being able to search for Hangul in the software settings window under node group conditions | 5.0.35 |
| 113315 | GN-26496 | CLOUD | An issue where log statistics data is not displayed when a cloud site is first created | 5.0.50, 6.0.12 |
| 113136 | GN-26130 | macOS Agent | Crash issue when using the macOS hardware information collection plug-in | 5.0.38 |
| 113084 | GN-26040 | WebUI | Change node management An issue where the administrator confirmation function does not work when selecting all nodes | 5.0.26 |
| 113044 | GN-26414 | Windows Agent | A problem where the fixed option in the password verification window is periodically placed in the center of the screen even when the fixed option is off | 5.0.42, 6.0.12, 5.0.53 |
| 113024 | GN-26433 | Sensor | An issue where sensor communication may not be possible due to an incorrect IP rule being created when adding a gateway IP | 5.0.42 |
| 112771 | GN-26160 | Authsync, Center | A problem that may fail when downloading CSV and synchronizing user information | 5.0.0 |
| 112754 | GN-26385 | Packaging | C30G and C50G equipment monitor output problems | 5.0.44, 6.0.1 |
| 112674 | GN-26259 | ElasticSearch | Error displaying shard information in the Elasticsearch management tool on the Advance page | 5.0.17 |
| 112643 | GN-26223 | WebUI | A problem where only 50 tags are output when assigning tags on the node detail screen | 5.0.22 |
| 112634 | GN-26276 | ElasticSearch | The problem with Elasticsearch redundancy not being configured | 5.0.51, 6.0.11 |
| 112598 | GN-26242 | WebUI | An issue where agents installed on cloud OS (Linux) are displayed as a Windows icon in the node list in the management console | 6.0.8, 5.0.50 |
| 112530 | GN-26316 | Center | A problem where past passwords can be changed to a recently used password even when using the function to prevent reuse of past passwords | 3.0_1007 |
| 112511 | GN-26227 | Center | [General-purpose OS] An INVALID COMMON NAME certificate error occurs because the server certificate does not have Subject Alternative Names | 5.0.23 |
| 112504 | GN-26324 | Sensor | A problem where disk information (NAC equipment) cannot be collected in 5.0.53 and later versions | 5.0.53 |
| 112389 | GN-26208 | WebUI | An issue where XSS detection logs are left when entering a search term containing < characters in the search box | 6.0.7, 5.0.50, 4.0.152 |
| 112371 | GN-26178 | WebUI | An issue where an XSS discovery log is left due to -> included in the detailed audit log message | 6.0.7, 5.0.50, 4.0.152 |
| 112122 | GN-25936 | WebUI | A problem where node task commands that work regardless of management role permission settings do not work | 5.0.44, 6.0.1 |
| 112106 | GN-26219 | WebUI | An issue where an error occurs when copying a policy if the action has a label | 4.0.113, 5.0.10 |
| 112065 | GN-26170 | WebUI | A problem where adding/deleting components of the CWP design template in the English management console does not work properly | 5.0.48, 6.0.7 |
| 111954 | GN-26200 | Center | An issue where the CVE list is not updated in the latest versions of ZTNA and NAC | 5.0.50, 6.0.12, 5.0.53 |
| 111893 | GN-26072 | Linux Agent | A problem where the Linux Agent gets stuck when running without using the GUI module | 6.0.12 |
| 111828 | GN-26188 | IPMGMT | A problem where temporary users cannot automatically log in to the IP application system | 5.0.50, 4.0.153, 6.0.11 |
| 111738 | GN-25998 | Windows Agent | (Password Verification Plug-in) An issue reported because the account's password change time is constantly changing | 4.0.M5, 5.0.0, 6.0.0 |
| 111729 | GN-25565 | Center | Center daemon abnormally shuts down when sending Syslog TLS | 4.1.M7 |
| 111670 | GN-26175 | Center | The phenomenon of continuing to download GPDB from cloud services using GDPI | 5.0.41 |
| 111620 | GN-26106 | Windows Agent | A problem where sharing is not disabled when setting the sharing allowance time in network shared folder control | 5.0.42, 5.0.50, 6.0.11 |
| 111587 | GN-26137 | WebUI | An issue where the CWP page preview screen is not visible on the CWP design template settings page | 5.0.42, 5.0.50, 6.0.11 |
| 111559 | GN-26161 | GenianOS | Fix sshd restart error in procmond | 5.0.23 |
| 111369 | GN-26655 | WebUI | An error page occurred when exporting node management to Excel in the Compose version | 5.0.48, 6.0.6 |
| 111369 | GN-25944 | WebUI | An issue where the software upgrade management outputs an upgrade button even though the major version is lower | 5.0.20 |
| 111369 | GN-25815 | WebUI | A problem where the approval/rejection popup for a new IP application is active and the approval/rejection popup is enabled, the problem is that it is in a waiting state when approved/rejected | 4.1.3 |