Genian NAC 5.0.56 Release Notes (2023-07-21)
Last Updated: 2024-11-01
Security Vulnerability
Revision | Key | Components | Description | Affects Versions | CVSS Score |
---|---|---|---|---|---|
125679 | GN-28063 | WebUI | A problem where blind injection is possible in the node management search bar | | 2.2 |
125401 | GN-27107 | WebUI | Service disabled by executing a Tomcat restart command by an unauthorized administrator | 5.0.41 | 2.7 |
125327 | GN-27242 | WebUI | A vulnerability where SQL injection is possible through the user search screen in NAC 5.0 | 5.0.15 | 4.8 |
123777 | GN-26393 | WebUI | Vulnerability where information can be modified by directly entering a URL to an unauthorised page | | 3.1 |
123255 | GN-26390 | WebUI | File export permission bypass vulnerability for unauthorized administrators through the Audit Log REST API | | 3.1 |
122615 | GN-27492 | WebUI | Tomcat version upgrade (8.5.94 -> 8.5.96/9.0.81 -> 9.0.83) | | 7.5 |
121388 | GN-26315 | WebUI | Improved two-step verification to limit the number of times the verification code can be entered and the time limit | | 4.3 |
120865 | GN-27278 | WebUI | Tomcat version upgrade (8.5.94/9.0.81) | | 7.5 |
120392 | GN-26600 | WebUI | The problem of not being able to log in after an abnormal API call | 5.0.42, 5.0.49, 6.0.7, 4.0.156, 5.0.56 | 5.3 |
120315 | GN-26383 | WebUI | Vulnerability where html/script code can be injected | | 5.3 |
118279 | GN-26935 | WebUI | Vulnerability where an html tag output as a department name is executed in a tree | 5.0.0 | 1.2 |
117609 | GN-26865 | WebUI | XSS input vulnerability in dashboard widget settings | | 1.2 |
117495 | GN-26835 | Center | Command Injection vulnerability via SQL used to update data | | 6.6 |
117495 | GN-26833 | Sensor | nmap script tampering vulnerability during sensor NMDB update | | 4.1 |
117495 | GN-26814 | Center | Code improvements for buffer overflow | | 2 |
117495 | GN-26725 | Linux Agent, macOS Agent, Windows Agent | [Agent] Added validation for events sent from the Center and sensors | | 6.3 |
117495 | GN-26696 | Sensor | Insufficient validation of incoming sensor events | | 6.3 |
117495 | GN-26694 | Center | Parameter injection vulnerability due to insufficient verification of download URLs | | 6.6 |
New Features and Improvements
Revision | Key | Components | Description | Affects Versions |
---|---|---|---|---|
127335 | GN-28368 | macOS Agent | macOS agent supports newly released macOS 15 (codename Sequoia) | 5.0.0, 6.0.0 |
125152 | GN-27973 | Center, macOS Agent, Sensor, Windows Agent | OpenSSL 3.0.13, 1.1.1w upgrade - excessive resource usage during X.509 policy constraint checking | 4.0.0, 5.0.0, 6.0.0 |
123468 | GN-27625 | Sensor | Fixed an issue where public IP cannot be imported when changing sensor operation modes and policies | |
122690 | GN-27462 | Windows Agent | Improved to download only cosign files corresponding to the operating system (64/32 bit) when installing the file distribution V2 plug-in | 5.0.42, 4.0.155, 6.0.15, 5.0.55 (LTS), 5.0.56, 5.0.57 |
122239 | GN-27164 | VRRPD | [General-purpose OS] A problem where the redundant configuration switches to the slave state due to an interface status check failure after switching to the master state | 5.0.42 |
122179 | GN-27390 | Center, WebUI | Improved so that data in the /disk/data/report directory is also deleted when setting the number of reports to be saved | |
121928 | GN-27241 | macOS Agent | Improved so that agents can validate server events when using macOS multi-policy servers | |
121891 | GN-27248 | Linux Agent | Linux Agent, improved so that agents can validate server events when using multiple policy servers | |
121118 | GN-27269 | -Unknown/None- | Remove unnecessary permissions from apache/tomcat-related directories and files | |
120559 | GN-26325 | GNOS | Fixed an issue where procmond was executed repeatedly when running httpd-driven scripts | |
120406 | GN-27146 | Center | A problem where the password entered by the user remains in the central debug file when linking external authentication via extauth fails | |
120181 | GN-27207 | Windows Agent | Improved so that agents can validate server events when using multiple policy servers | |
120024 | GN-27206 | Center, Sensor | Added the ability to export trusted nodeids from the center to sensors and agents | |
119951 | GN-27013 | WebUI | Improved so that items set to markdown can be converted | |
119815 | GN-27121 | Center, macOS Agent | macOS agent support for new OS 14.0 (Sonoma) | |
119720 | GN-27142 | Windows Agent | Change the integration module to support the new version of the pill | |
119668 | GN-27031 | Center, Sensor | [General-purpose OS] Local privilege escalation vulnerability in Ubuntu OverlayFS module | |
119034 | GN-27038 | WebUI | Fixed an issue where webssh could not be connected after the openssh version was upgraded | |
118995 | GN-26987 | Linux Agent | Improved functionality so that the approval window is not displayed when using the Linux Agent and File Distribution Plug-in V2 | |
118571 | GN-26988 | macOS Agent | Improved functionality so that the approval window is not displayed when using the macOS file distribution plug-in V2 | |
118336 | GN-27010 | GenianOS | GNOS OpenSSH version upgrade (8.6p1->9.3p2) | |
118212 | GN-26981 | Center, Linux Agent, macOS Agent, WebUI, Windows Agent | Improved functionality so that the approval window is not displayed when using the distribution plug-in V2 | |
117873 | GN-26381 | WebUI | Add an organization name (USER_COMPANY) column to the user management list | |
117835 | GN-26766 | Center, macOS Agent | Development of distribution plugins based on macOS Sigstore electronic signatures | |
117495 | GN-26838 | Ubuntu(Debian) | [General-purpose OS] ICMP Timestamp support removed | |
117495 | GN-26792 | Center, Sensor | Enhanced validation of policy server incoming events | |
117495 | GN-26755 | Center, Linux Agent, macOS Agent, WebUI, Windows Agent | Development of distribution plug-ins based on Sigstore electronic signatures |
Issues Fixed
Revision | Key | Components | Description | Affects Versions |
---|---|---|---|---|
128040 | GN-28410 | | A problem where all logs can be checked in the real-time mode of the audit log when the administrator's management scope (management sensor) is limited | 5.0.45, 6.0.2 |
127992 | GN-28569 | WebUI | A screen error occurs when clicking the Create Security Agreement button | 5.0.56 |
127527 | GN-28422 | WebUI | An issue where the locale (Korean, English, etc.) cannot be changed on the management console login page | 6.0.16, 5.0.55 (LTS), 5.0.56, 6.0.17, 5.0.57 |
127287 | GN-27617 | Windows Agent | An issue where an AD account is locked due to an operating system information collection action to check whether an empty password is used on the AD server | 4.0.109, 5.0.6, 6.0.0 |
127270 | GN-28418 | Windows Agent | An issue where the scheduled install/check option is not applied in Windows Update Actions | 5.0.0, 6.0.0 |
127156 | GN-28370 | WebUI | An issue where settings are not displayed when clicking Interface Settings in Sensor Management > Sensor Settings > IP Settings | 5.0.42, 6.0.16, 5.0.55 (LTS), 5.0.56, 5.0.57 |
126845 | GN-28306 | Center, Sensor | A problem where the process runs abnormally because execution results cannot be obtained intermittently when executing system commands | 5.0.42 |
126738 | GN-28295 | Center | An issue where the entire audit log is deleted when the connection to the policy server database fails | 4.1.3 |
126403 | GN-28228 | Sensor | [General-purpose OS] A problem where the sensor repeats up/down states | 5.0.42 |
126321 | GN-27670 | CWP | An issue where Markdown is not applied to the CWP user authentication component | 5.0.42, 4.0.156, 6.0.16, 5.0.55 (LTS), 5.0.56 |
126082 | GN-28130 | Center, Sensor | An issue where NAC cannot function properly because the daemon terminates abnormally when sending event packets from the center daemon and sensor daemon | 5.0.42, 4.0.155, 6.0.16 |
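126044 | GN-28036 | WebUI | An issue where the "관리자가 로그아웃 함." ("Administrator logged out.") audit log is not recorded when logging out by clicking the logout button at the top of the management console | 5.0.42, 4.0.156, 6.0.16, 5.0.55 (LTS), 5.0.56 |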
125373 | GN-27983 | Center | An issue where event packets sent from the 5.0/6.0 policy server are not handled by the 4.0.1 sensor | 5.0.42, 6.0.16 |
125298 | GN-27972 | | An issue where an SSL certificate is generated with an expiration date of 10 years | 6.0.15, 5.0.55 (LTS) |
125280 | GN-28003 | Windows Agent | A problem where the distribution file verification method is Sigstore Keyless Signing in the file distribution plug-in V2 fails | 5.0.42, 4.0.155, 6.0.15, 5.0.56 |
125175 | GN-27994 | Linux Agent | Linux Agent A problem where the distribution file verification method is Sigstore Keyless Signing in the file distribution plug-in V2 fails | 5.0.50, 5.0.53, 5.0.54, 6.0.15 |
125163 | GN-28005 | macOS Agent | A problem in macOS file distribution plug-in V2 that fails when the distribution file verification method is Sigstore Keyless Signing | 6.0.16, 5.0.55 (LTS), 5.0.56 |
125052 | GN-27986 | GenianOS | Addressing compatibility issues due to SLSA TUF certificate renewals | 5.0.42, 5.0.50, 6.0.15, 4.0.156 |
124464 | GN-27769 | WebUI | An issue where some nodes are blocked due to policy application errors after changing the IP policy | 5.0.30, 6.0.0 |
124087 | GN-27749 | WebUI | The problem of not being able to access the user information modification page in CWP | 6.0.16, 5.0.55 (LTS), 5.0.56, 6.0.18, 5.0.58 |
123441 | GN-27641 | WebUI | In the tomcat log, by the following code has not been detected to the pool, no symptoms of connecting to the web console after a large number of cases | 5.0.20 |
123288 | GN-27517 | WebUI | Errors where certain items are not modified in the Nodes REST API | 5.0.8, 4.0.111 |
123237 | GN-27399 | macOS Agent | A problem where plug-ins don't work according to macOS internal/external conditions | 6.0.5, 5.0.48 |
123151 | GN-27460 | GenianOS | [General-purpose OS] An issue where aes256 commands are not executed during initial operation | 5.0.42, 6.0.16, 5.0.55 (LTS), 5.0.56 |
123137 | GN-27496 | Linux Agent | Linux Agent intermittently misses sending some action system information | 5.0.50, 6.0.15 |
123127 | GN-27401 | Sensor | A problem where the sensor process terminates abnormally when the same event is received from the sensor device | 4.0.64 |
123061 | GN-24708 | Center | In an environment where many sensor debugs are sent to the center, a load may be caused by deleting old debugs when the center is rebooted | 5.0.0 |
123052 | GN-27575 | Center | An issue where the log filter action does not work when the ES log filter query result is greater than 2K | 4.1.M6 |
122952 | GN-27574 | Center | An issue where ES index (nac-filter) for log filters is deleted during the ES log cleaning cycle | 5.0.50, 6.0.11 |
122844 | GN-27561 | Center | [General-purpose OS] An issue where the LDAPsearch command results fail due to the LDAP configuration file being set to the wrong file in the general-purpose OS | 5.0.42 |
122593 | GN-27502 | Center | An issue where agent logon API processing is delayed when the agent/sensor downcheck process by Keepalive takes a long time | 5.0.42 |
122507 | GN-27504 | Center | Improved so that NodeID-related DB errors (Illegal mix of collations) audit logs do not occur when KeepAlive is received | |
122457 | GN-27345 | WebUI | Modified so that the page is converted to markdown during the ready phase | 5.0.42, 4.0.156, 6.0.16, 5.0.55 (LTS), 5.0.56 |
122446 | GN-26487 | WebUI | Fixed an issue where an error page was displayed when there was no value on the CVE detail screen | 5.0.24 |
122430 | GN-27510 | Center, Sensor | [General-purpose OS] An issue where added libraries cannot be found after upgrading the NAC package | 5.0.42 |
122378 | GN-27404 | Center, macOS Agent | An issue where the macOS update plug-in does not install properly when using the installation mode | 5.0.11 |
122333 | GN-27467 | WebUI | An issue where XSS is executed in the policy application pop-up screen when XSS is added to the node action description | 5.0.42, 5.0.50, 5.0.53, 5.0.54, 4.0.155, 6.0.15 |
122260 | GN-27437 | Center, macOS Agent | Symptoms where OS information on macOS Sonoma devices is classified as unknown | 6.0.16, 5.0.55 (LTS), 5.0.56, 6.0.17, 5.0.57, 4.0.157 |
122117 | GN-27384 | Windows Agent | Fix a program path setting error in the Windows Firewall Control plug-in | 5.0.45 |
122085 | GN-27383 | WebUI | Fixed an issue where the parameter value is invalid error occurred and characters in all languages can be entered in an input form where Hangul can be entered | 5.0.42, 4.0.156, 6.0.16, 5.0.55 (LTS), 5.0.56 |
122073 | GN-27385 | GenianOS | Fixed an issue where iptables commands could fail when running at the same time | 5.0.0, 6.0.0 |
121881 | GN-27398 | Linux Agent | Linux Agent performs a condition-only check action, and the result cannot be updated even if the results change | 5.0.50, 6.0.15 |
121838 | GN-27446 | Center | A problem where the SOAP API processing process stops and 100% CPU is used when an empty password is entered when using external authentication (runauth) | 5.0.42, 6.0.16, 5.0.55 (LTS), 5.0.56, 5.0.57, 4.0.157 |
121756 | GN-27387 | WebUI | An issue where the export function does not work on the OpenPort status screen | 5.0.6 |
121709 | GN-27380 | Windows Agent | A problem where an action check condition terminates abnormally if a '%' character exists other than a macro supported by the agent | 5.0.0, 6.0.0 |
121625 | GN-26858 | WebUI | An issue where an error occurs when using Google OTP with version 5.0 2-step verification if the verification code contains characters other than numbers | 5.0.50, 5.0.53 |
121529 | GN-27270 | macOS Agent | The problem of not being authenticated when omitting .com in the allowed domain name in macOS AD alternative authentication | 4.0.108, 5.0.5 |
121511 | GN-27382 | WebUI | Additional fields - A problem where parameter value is invalid errors occur when Hangul and some special characters are included in the user selector | 5.0.42, 5.0.50, 5.0.53, 4.0.155, 6.0.15 |
121465 | GN-27394 | Center | A problem where backup fails when an absolute path is set to the SFTP storage path | 5.0.50, 5.0.53, 5.0.54, 4.0.155, 6.0.15 |
121456 | GN-27291 | WebUI | A parameter value is invalid error occurs when the Alias sensor name contains special characters such as * , · | 5.0.42, 4.0.156, 6.0.16 |
121412 | GN-27209 | WebUI | An issue where the IP application is approved and the request is not notified by email | 5.0.46, 6.0.4 |
121401 | GN-27388 | Center | [General-purpose OS] Problem with not being able to connect to webssh | 5.0.42 |
121377 | GN-27203 | Windows Agent | A problem where the action execution result is sent after a certain period of time (5 minutes) even if the action execution result changes unspecified | 5.0.0, 6.0.0 |
121203 | GN-27322 | Center, Sensor | [General-purpose OS] System Administration > Preferences > Time Zone Settings Not Working in Ubuntu NAC | 5.0.50 |
121175 | GN-27259 | Linux Agent | Linux Agent, an issue where the agent does not work when installing a specific package | 5.0.45, 6.0.2 |
121170 | GN-27356 | Sensor | A problem where the cache service does not run even when the patch proxy service is set to ON | 5.0.55 (LTS), 4.0.157 |
121137 | GN-27359 | gnlogin, VRRPD | An issue where the same event already exists in queue debug log occurs because event queuing works even in processes that do not require event retransmission processing | 5.0.42 |
121023 | GN-27358 | Center | An issue where the centerd execution option's sensor service start/stop function does not work | 5.0.42, 4.0.156, 6.0.16, 5.0.55 (LTS), 5.0.56 |
120742 | GN-27290 | WebUI | An issue where the sensor tree is not displayed properly when '%' is included in the sensor name | 5.0.43, 6.0.0 |
120638 | GN-27265 | WebUI | An issue where the department level display in node management appears different from the advance setting in version 5.0.56 (LTS) | 5.0.56 |
120609 | GN-27279 | Center, Sensor | A problem where the settings only apply when trust-nodeserver-id is set on the center device, the sensor daemon must be restarted | 5.0.42, 4.0.156, 6.0.16, 5.0.55 (LTS), 5.0.56 |
120539 | GN-27091 | Center, procmond | A problem where the event log (procmond process) sent from the sensor cannot be saved due to an unknown center did error on the policy server | 5.0.42 |
120524 | GN-27113 | Center | A problem where update information (sysinfo) sent from a slave device fails to be updated to an unknown devid | 4.0.145, 5.0.42, 6.0.1 |
120512 | GN-27200 | Center | Symptoms where the BADQUERY=ILLEGAL MIX of collations error continues to occur in the slave center | 5.0.42, 5.0.50, 5.0.53, 5.0.54, 4.0.155, 6.0.15 |
120502 | GN-27177 | Backup | An issue where backup files include agent zip files that increase capacity | 6.0.16, 5.0.55 (LTS) |
120444 | GN-27224 | Windows Agent | The input dialog box is not output when the screen is locked to the agent authentication window | 5.0.49, 6.0.7 |
120377 | GN-27215 | WebUI | Error page output issue when clicking Administration > Switch > Group in version 5.0 | 5.0.42, 5.0.55 (LTS), 5.0.56 |
120147 | GN-27237 | Center, Sensor | A problem where the node cannot be immediately re-registered by the sensor when the agent node registered to the sensor is deleted from the management console | 5.0.42 |
120134 | GN-27176 | macOS Agent | An issue where the macOS update plug-in works abnormally | 5.0.11 |
120107 | GN-26887 | WebUI | An issue where tooltips in the control policy column in the node list are not updated when switching sensor mode | 5.0.50, 6.0.11 |
120005 | GN-27154 | WebUI | A problem where the link in the connected device column in the node list works even though the switch has been deleted from switch management | 5.0.38 |
119994 | GN-27000 | WebUI | A problem where an invalid parameter message is displayed when moving to the user details screen with a link in the Node Management List > Authenticated User column | 6.0.5, 5.0.50 |
119827 | GN-27137 | macOS Agent | An issue where the macOS message pop-up content is not visible | 5.0.42, 5.0.50, 5.0.53, 5.0.54, 6.0.14 |
119805 | GN-27058 | Windows Agent | A problem where actions set to be performed according to internal and external conditions when restarting the PC malfunction | 5.0.43, 6.0.0 |
119735 | GN-27183 | Center, Sensor | A problem where the re-registration event (REGISTER_REQ) sent from the policy server to the sensor is not processed by the sensor | 5.0.42 |
119542 | GN-27162 | Sensor | [General-purpose OS] An issue where the gdcid daemon does not run after booting the device | 5.0.42 |
119518 | GN-27151 | geniup | An issue where the migration is not performed properly due to the command being terminated during the migration | 5.0.42, 5.0.50, 5.0.53, 5.0.54, 4.0.155, 6.0.15 |
119442 | GN-27135 | WebUI | An error where the file distribution V2 item cannot be registered as a global setting when the item is first modified after the upgrade | 5.0.42, 5.0.50, 4.0.156, 5.0.56 |
119408 | GN-27132 | gnlogin | A problem where the center works abnormally when a '%' string is present in the MySQL password | 5.0.42, 5.0.50, 5.0.53, 5.0.54, 4.0.155, 6.0.15 |
119377 | GN-27085 | WebUI | An issue where the existing connection is disconnected (forced login) function does not work when logging in to the management console with SAML | 5.0.48, 6.0.6 |
119368 | GN-27084 | WebUI | An issue where audit logs are left due to false positives on parameters processed by URLEncode in XSS inspection logic | 5.0.42, 5.0.50, 5.0.53, 5.0.54, 4.0.155, 6.0.15 |
119358 | GN-27127 | Windows Agent | Failed to perform offline PMS through the Windows update plug-in | 5.0.42, 4.0.156, 6.0.16, 5.0.55 (LTS), 5.0.56 |
119273 | GN-26676 | gnlogin | [General-purpose OS] A problem where ADMIN and ADMINIP are not left in the audit record when gnlogin is commanded | 5.0.23 |
119162 | GN-27106 | Center | An issue where only some nodes are applied when the node policy is applied immediately | 5.0.42, 5.0.50, 5.0.53, 5.0.54, 4.0.155, 6.0.15 |
119101 | GN-27089 | macOS Agent | A problem where GNDaemon restarts when an integrity check command is performed by the macOS Agent Management Console | 5.0.42, 5.0.54, 6.0.15, 5.0.56 |
119009 | GN-26938 | Linux Agent | Linux Agent is unable to register a new node due to a local network change detection error | 5.0.51, 6.0.11 |
118937 | GN-26972 | Center | An issue where a 'badQuery=illegal mix of collations' error occurs when a SLAVE device exists | 5.0.42, 5.0.50, 5.0.53, 5.0.54, 4.0.155, 6.0.15 |
118842 | GN-27037 | MGMT | [General-purpose OS] A problem where apache does not run when the management console port and HTTPS port are set to the same | 5.0.42 |
118785 | GN-27066 | Windows Agent | Fixed a CMD window display error when running a script in File Distribution V2 | 5.0.42, 4.0.156, 6.0.16, 5.0.55 (LTS), 5.0.56 |
118606 | GN-26956 | WebUI | An issue where an Exception error message is output when modifying authentication integration settings | 6.0.16, 5.0.55 (LTS), 5.0.56 |
118603 | GN-26870 | WebUI | An issue where tags are not assigned to NAC nodes when setting response policies through NAC integration in EDR | 5.0.42, 5.0.45, 6.0.2 |
118483 | GN-26895 | macOS Agent | A phenomenon where software information cannot be collected on macOS Mac mini M2 models | 5.0.11 |
118452 | GN-26957 | macOS Agent | An issue where an action is performed when an action is performed immediately regardless of the scope of application of the macOS plug-in | 6.0.5, 5.0.48 |
118392 | GN-26973 | macOS Agent | An issue where macOS user notification messages do not pop up when running periodically | 5.0.42, 5.0.50, 5.0.53, 6.0.14 |
118368 | GN-27016 | Sensor | A problem where the localconf service port is changed to an unspecified value by the sensor daemon | NoVersion |
118285 | GN-26785 | Center | An issue where device control policies can be received from other node groups when using device control policies | 5.0.23 |
118226 | GN-26969 | WebUI | XSS false positives issue with Get Parameter (queryString) | 5.0.42, 5.0.50, 5.0.53, 5.0.54, 4.0.155, 6.0.15 |
117923 | GN-26970 | Center | A problem where the policy server processes events using the past event processing method even though it is an improved version of the Push Notification event processing agent | 5.0.42, 4.0.155 |
117495 | GN-24713 | procmond | A problem where a daemon operation error occurs when changing the policy server to a sensor-only image | 5.0.0 |