Genian NAC 5.0.58 Release Notes (2023-12-19)

Last Updated: 2024-03-19

Security Vulnerability

Revision Key Components Description Affects Versions CVSS Score
123776 GN-26393 WebUI Vulnerability where information can be modified by directly entering a URL to an unauthorised page   3.1
123285 GN-26390 WebUI File export permission bypass vulnerability for unauthorized administrators through the Audit Log REST API   3.1

New Features and Improvements

Revision Key Components Description Affects Versions
123467 GN-27625 Sensor Fixed an issue where pubilc IP cannot be imported when changing sensor operation modes and policies  
122824 GN-27491 WebUI Improved so that IDP-enabled SSO authentication requests can be authenticated when linking SAML authentication  
122715 GN-27476 WebUI Added a divider line to separate SAML login from existing login buttons, and improved login button output when setting multiple IdPs  
122715 GN-27344 Center Improved functionality so that secondary webhook authentication can be linked  
122715 GN-27320 WebUI Improvements to the alarm output when external access is permitted  
122715 GN-27243 Authsync Improved REST API Server-type information synchronization so that paging parameters included in response headers can be used  
122715 GN-27201 WebUI Added an IP/MAC additional field item to change node properties  
122715 GN-27077 Sensor Improved exception handling for event socket unconfigured logs when creating an event socket  
122715 GN-27068 WebUI Improved to be able to browse the nodegroup criteria filter list  
122715 GN-26955 -Unknown/None- Improved the sysinspect script to work with the changed ES account when the ES account is changed  
122715 GN-26942 WebUI Fixed an issue where an error log was left when calling the device modification API  
122715 GN-26929 Database Add device information to add/delete 'USB information' audit log  
122715 GN-26921 Windows Agent Development of plug-ins linked to external authentication through agents  
122715 GN-26913 Windows Agent Exosphere vaccine information collection  
122715 GN-26907 Center Improved so that multiple URLs can be set when setting a search filter webhook  
122715 GN-26873 WebUI Improved the quick search in the top menu to search for (IP/equipment) owners and ownership departments  
122715 GN-26855 MySQL [General-purpose OS] Improved to prevent reuse of MySQL passwords  
122715 GN-26842 Center mysqldump execution error when updating CLOUD GPDB  
122715 GN-26575 IPMGMT Disable access when the ipmgmt page function is not used  
122715 GN-26545 GenianOS GNOS kernel version upgrade (5.15.0)  
122715 GN-26482 Authsync, Database When storing department codes, compress them with a hash function to prevent oversize 5.0.45, 6.0.2
122715 GN-26325 GNOS Fixed an issue where procmond was executed repeatedly when running httpd-driven scripts  
122715 GN-26284 Center In-product self-signed certificate automatic renewal function  
122715 GN-25533 Center Added a cache deletion option when setting up the proxy service  
122715 GN-25333 RADIUSD RADIUS EAP-TTLS support (MSCHAPv2, PAP)  
122715 GN-22567 Database GNOS MySQL 8.0 upgrade  

Issues Fixed

Revision Key Components Description Affects Versions
123770 GN-27674 MySQL An issue where the daemon does not run after upgrading to the MySQL 8.0 version image on a device with an SSD 6.0.18, 5.0.58
123747 GN-27550 WebUI A problem where tree-structured data components are not output 6.0.16, 5.0.55 (LTS), 6.0.17, 5.0.57
123498 GN-27646 Authsync If a MySQL function is used in the user department ID column name of information synchronization, an incorrect policy may be assigned due to a failure in department synchronization 6.0.18, 5.0.58
123419 GN-27641 WebUI In the tomcat log, by the following code has not been detected to the pool, no symptoms of connecting to the web console after a large number of cases 5.0.20
123341 GN-27399 macOS Agent A problem where plug-ins don't work according to macOS internal/external conditions 6.0.5, 5.0.48
123302 GN-27573 WebUI A problem where the list is not displayed when clicking on the number of members in each group in the user group status 4.0.156, 6.0.16, 5.0.57
123294 GN-27401 Sensor A problem where the sensor process terminates abnormally when the same event is received from the sensor device 4.0.64
123287 GN-27517 WebUI Errors where certain items are not modified in the Nodes REST API 5.0.8, 4.0.111
123267 GN-27460 GenianOS [General-purpose OS] An issue where aes256 commands are not executed during initial operation 5.0.42, 6.0.16, 5.0.55 (LTS), 5.0.56
123169 GN-27519 Sensor Symptoms where the sensor system stops due to a deadlock when changing the sensor mode continuously 5.0.57, 4.0.157, 6.0.19
123136 GN-27496 Linux Agent Linux Agent intermittently misses sending some action system information 5.0.50, 6.0.15
123059 GN-24708 Center In an environment where many sensor debugs are sent to the center, a load may be caused by deleting old debugs when the center is rebooted 5.0.0
123050 GN-27575 Center An issue where the log filter action does not work when the ES log filter query result is greater than 2K 4.1.M6
122950 GN-27574 Center An issue where ES index (nac-filter) for log filters is deleted during the ES log cleaning cycle 5.0.50, 6.0.11
122842 GN-27561 Center [General-purpose OS] An issue where the LDAPsearch command results fail due to the LDAP configuration file being set to the wrong file in the general-purpose OS 5.0.42
122715 GN-27500 Windows Agent Problems that cannot be decertified upon initial application of the Outdoor Affiliation (Registry) action 4.0.0, 5.0.0, 6.0.0
122715 GN-27397 WebUI Error creating and modifying RADIUS policies with the operator account 5.0.30
122715 GN-27389 Center, CLOUD An issue where generic OS sensor upgrades are not performed automatically when upgrading the CLOUD policy server  
122715 GN-27368 WebUI The problem of incorrect aggregation when generating daily reports for each administrator based on the scope of management 6.0.17, 5.0.57
122715 GN-27321 WebUI Node/control policy issues not being fixed 4.0.157, 6.0.18, 5.0.58
122715 GN-27148 WebUI An issue where the login failure count is not reset after a successful login when logging in to the management console using secondary authentication 4.0.10
122715 GN-27119 Windows Agent A problem where all the name value defined in the URL button in the agent authentication window is not output 5.0.42, 6.0.0
122715 GN-27111 Authsync A problem where rank synchronization fails when there is no rank information in the local DB during rank synchronization 6.0.6, 5.0.49
122715 GN-27110 WebUI The problem of not being able to authenticate when accessing the application results screen again after modifying the user information on the CWP user registration application result search screen 5.0.32
122715 GN-27059 WebUI A problem where tag names can be entered with a space (Space) 4.0.M7
122715 GN-27057 procmond An issue where when Tomcat is restarted, the audit log says tomcat9 even though it's not the tomcat9 version 5.0.53, 6.0.15
122715 GN-27048 WebUI An issue where the vertical layer area overlaps when entering 3 or more lines on the login screen 6.0.8
122715 GN-27040 Center An issue where “unknown” and “no information” date information collected from agents is displayed as “1970-01-01”  
122715 GN-27017 ElasticSearch, gnlogin An issue where the audit log is not saved when the log server authentication information is changed before the log server is running  
122715 GN-27006 WebUI The service control menu was removed from the CLOUD version, but an issue where it can be accessed from the top menu 5.0.29
122715 GN-26993 WebUI Information display error displayed as a tooltip on ip and mac on the audit log and node detailed history management screen 6.0.4, 5.0.47
122715 GN-26992 Center An issue where the agent plug-in operates based on the policy server's time zone  
122715 GN-26965 WebUI [5.0] When connecting to ipmgmt3, a connection error page is displayed when there are no guest usage settings 4.0.114, 5.0.11
122715 GN-26951 Windows Agent A problem where virus treatment audits are not recorded with the vaccine information collection plug-in 4.0.144, 5.0.41
122715 GN-26941 WebUI An issue where items in ConfEngine's addRemove component are modified incorrectly 5.0.18
122715 GN-26933 WebUI An issue where calendar components used in some date input fields are displayed only in English 5.0.20, 6.0.0
122715 GN-26904 WebUI Node Management > Problem with the icon not being displayed in the Risk column 5.0.53, 6.0.13
122715 GN-26864 Windows Agent An issue where the latest information in the information collection plug-in is not updated intermittently 5.0.0, 6.0.0
122715 GN-26859 Linux Agent Linux Agent, an issue where unpartitioned storage device information is not collected 5.0.41, 6.0.0
122715 GN-26777 WebUI An issue where the update time is not updated when modifying a node group in a node/control policy 6.0.18
122715 GN-26742 Sensor Using NMAP TCP SCAN in Sensor Node Information Check Settings Not Applicable 5.0.40
122715 GN-25805 WebUI IP Change Prohibited (Designated IP Band) in IP Matrix View - Single IP Violated icon is not displayed 4.0.8