Genian ZTNA 6.0.17 Release Notes (2023-10-11)
Last Updated: 2023-12-19
Security Vulnerability
| Revision | Key | Components | Description | Affects Versions | CVSS Score |
|---|---|---|---|---|---|
| 122609 | GN-27492 | WebUI | Tomcat version upgrade (8.5.94 -> 8.5.96/9.0.81 -> 9.0.83) | 7.5 | |
| 121382 | GN-26315 | WebUI | Improved two-step verification to limit the number of times the verification code can be entered and the time limit | 4.3 | |
| 120862 | GN-27278 | WebUI | Tomcat version upgrade (8.5.94/9.0.81) | 7.5 | |
| 120382 | GN-26600 | WebUI | The problem of not being able to log in after an abnormal API call | 5.0.42, 5.0.49, 6.0.7, 4.0.156, 5.0.56 | 5.3 |
New Features and Improvements
| Revision | Key | Components | Description | Affects Versions |
|---|---|---|---|---|
| 122686 | GN-27462 | Windows Agent | Improved to download only cosign files corresponding to the operating system (64/32 bit) when installing the file distribution V2 plug-in | 5.0.42, 4.0.155, 6.0.15, 5.0.55 (LTS), 5.0.56, 5.0.57 |
| 122678 | GN-27340 | Sensor | Improved so that DKNS also provides information synchronization and authentication integration functions through an SSL tunnel | |
| 122661 | GN-25714 | WebUI | Added an option to set a security agreement expiration date | |
| 122232 | GN-27164 | VRRPD | [General-purpose OS] A problem where the redundant configuration switches to the slave state due to an interface status check failure after switching to the master state | 5.0.42 |
| 122211 | GN-27402 | WebUI | API improvements so that start/end times can be set when modifying MAC policies | |
| 122163 | GN-27390 | Center, WebUI | Improved so that data in the /disk/data/report directory is also deleted when setting the number of reports to be saved | |
| 121924 | GN-27241 | macOS Agent | Improved so that agents can validate server events when using macOS multi-policy servers | |
| 121886 | GN-27248 | Linux Agent | Linux Agent, improved so that agents can validate server events when using multiple policy servers | |
| 121740 | GN-26627 | WebUI | Improved so that the authentication screen is not displayed again on CWP Web after agent authentication while the CWP web page is output | |
| 121113 | GN-27269 | -Unknown/None- | Remove unnecessary permissions from apache/tomcat-related directories and files | |
| 120834 | GN-27319 | WebUI | Add ServerTimeZone settings to jdbc connection when Tomcat is running | |
| 120399 | GN-27146 | Center | A problem where the password entered by the user remains in the central debug file when linking external authentication via extauth fails | |
| 120324 | GN-27174 | WebUI | Improved so that you can select combo box data that is output by default in ConfEngine File (40) type | |
| 120324 | GN-27160 | Center | Modify the local DB account connection method when using a user domain when linking authentication | |
| 120324 | GN-27049 | Improved to support regular expressions in macOS file distribution folders | ||
| 120324 | GN-26875 | WebUI | Edit the message displayed in CWP when the host name is restricted | |
| 120324 | GN-26843 | Center | The problem of generating an agent package twice when the center daemon is initially running | |
| 120324 | GN-26827 | WebUI | Fix the pop-up message on the Start Now button to perform a backup | |
| 120324 | GN-26803 | Windows Agent | Add audit records for shared folder control through plug-ins | |
| 120324 | GN-26801 | WebUI | Fixed an issue where WEBUI's primefaces basic system error was output | |
| 120324 | GN-26775 | Linux Agent | Linux Agent adds the ability to check the full contents of popup messages | |
| 120324 | GN-26763 | WebUI | Improved to be able to select items added during the previous day in the daily report | |
| 120324 | GN-26760 | WebUI | Improved to be managed by each administrator (according to the scope of management) when creating and sending daily reports | |
| 120324 | GN-26753 | WebUI | Improved to output an error message when entering a semicolon at the end of the query string in the query report | |
| 120324 | GN-26734 | WebUI | Improved error message when entering an incorrect date for the start date/expiration date in Administration > Nodes > Equipment Properties | |
| 120324 | GN-26681 | WebUI | Apply detailed screen splitting function in node management grid mode | |
| 120324 | GN-26668 | CWP | Change the default setting for using CWP SSL to On | |
| 120324 | GN-26665 | WebUI | Add drop-down UI of "Available OS Types" when allocating agent actions when creating policies | |
| 120324 | GN-26653 | WebUI | Node Management List > Improved so that only one item in the same category can be selected when changing node attributes | |
| 120324 | GN-26640 | WebUI | Change the previous item to be selected when continuing to add node group conditions | |
| 120324 | GN-26612 | WebUI | Improved so that the current location point can be displayed by toggling the dashboard sensor map | |
| 120324 | GN-26611 | WebUI | Added an Authentication Flow that forces agent installation when logging in to Keycloak | |
| 120324 | GN-26610 | Center | An issue where the agent is displayed in English when installing an agent regardless of the user's default locale setting | |
| 120324 | GN-26564 | GNOS | NanoPI sensor hardware support | |
| 120324 | GN-26555 | Sensor | Added a gnlogin command to check the IP information cached on the sensor when using FQDN on a network object | |
| 120324 | GN-26547 | WebUI | Application Management > IP New/Return > Application Processing (Approve/Reject) Reason Entry Popup Window UI Improvement | |
| 120324 | GN-26544 | GNOS | GNOS kernel latest patch applied (5.10.181) | |
| 120324 | GN-26538 | WebUI | Remove dashboard widget animations | |
| 120324 | GN-26524 | WebUI | Improved so that when calling the CommonData (confui, codemap, customdata) Rest API, the locale is treated as the value of Accept-Language in the header | |
| 120324 | GN-26491 | WebUI | Improved so that the content of the node management description column is output at the same size as the column | |
| 120324 | GN-26488 | Windows Agent | Added an option to create an agent shortcut icon on the Windows desktop | |
| 120324 | GN-26473 | Sensor | Improved separation of the entered SNMP Agent versions and regular expression checks for Community and Passwd | |
| 120324 | GN-26468 | WebUI | Improved the number of list outputs per page in the Software/History Management List in Node Details so that it is possible to change the number of list outputs | |
| 120324 | GN-26464 | WebUI | Fixed an issue where images were broken when uploading and previewing images in Settings > Announcements | |
| 120324 | GN-26412 | WebUI | Fixed to switch to the login screen when the administrator session is forcibly terminated | |
| 120324 | GN-26410 | CWP, WebUI | When linking SAML authentication, no message is output when the SP fails after IdP authentication | |
| 120324 | GN-26407 | WebUI | Modified so that Policy Server can be displayed in the IP management matrix view | |
| 120324 | GN-26360 | Linux Agent, Zero Trust Security | Linux Agent adds two-step authentication function for ZTNA connection manager | |
| 120324 | GN-26344 | WebUI | Keycloak login page Genians theme added | |
| 120324 | GN-26312 | WebUI | A problem where subsequent tasks cannot proceed if there are duplicate csv nodes when registering nodes in batches | |
| 120324 | GN-26263 | WebUI | Improved diagram output in node details | |
| 120324 | GN-26152 | Center, DKNS, Sensor | HTTPS web-based application detection via compose environment SWG | |
| 120324 | GN-26133 | Linux Agent | Linux Agent, Linux security settings plugin development | |
| 120324 | GN-25759 | WebUI | An issue where an English message is output when a value that does not match the form is entered in the calendar | |
| 120178 | GN-27207 | Windows Agent | Improved so that agents can validate server events when using multiple policy servers |
Issues Fixed
| Revision | Key | Components | Description | Affects Versions |
|---|---|---|---|---|
| 122586 | GN-27502 | Center | An issue where agent logon API processing is delayed when the agent/sensor downcheck process by Keepalive takes a long time | 5.0.42 |
| 122548 | GN-27495 | WebUI | Fixed so that the policy application event is not called when the close button is clicked in the Service Control > Policy Application dialog | 6.0.17, 5.0.57 |
| 122534 | GN-27480 | WebUI | A problem where department selection type conditions cannot be retrieved from node group conditions | 5.0.31, 6.0.0 |
| 122501 | GN-27504 | Center | Improved so that NodeID-related DB errors (Illegal mix of collations) audit logs do not occur when KeepAlive is received | |
| 122481 | GN-27451 | WebUI | Audit > An issue where the Flow log list is not sorted by time | 6.0.1 |
| 122475 | GN-27490 | CWP | An issue where an Invalid settings: sp_cert_not_found_and_required message is output when clicking the SAML login button in CWP | 6.0.13 |
| 122451 | GN-27345 | WebUI | Modified so that the page is converted to markdown during the ready phase | 5.0.42, 4.0.156, 6.0.16, 5.0.55 (LTS), 5.0.56 |
| 122423 | GN-27510 | Center, Sensor | [General-purpose OS] An issue where added libraries cannot be found after upgrading the NAC package | 5.0.42 |
| 122374 | GN-27404 | Center, macOS Agent | An issue where the macOS update plug-in does not install properly when using the installation mode | 5.0.11 |
| 122301 | GN-27467 | WebUI | An issue where XSS is executed in the policy application pop-up screen when XSS is added to the node action description | 5.0.42, 5.0.50, 5.0.53, 5.0.54, 4.0.155, 6.0.15 |
| 122253 | GN-27437 | Center, macOS Agent | Symptoms where OS information on macOS Sonoma devices is classified as unknown | 6.0.16, 5.0.55 (LTS), 5.0.56, 6.0.17, 5.0.57, 4.0.157 |
| 122080 | GN-27383 | WebUI | Fixed an issue where the parameter value is invalid error occurred and characters in all languages can be entered in an input form where Hangul can be entered | 5.0.42, 4.0.156, 6.0.16, 5.0.55 (LTS), 5.0.56 |
| 122068 | GN-27385 | GenianOS | Fixed an issue where iptables commands could fail when running at the same time | 5.0.0, 6.0.0 |
| 121995 | GN-27417 | WebUI | Status Filter > Tags > Node tags are not output properly | 6.0.16 |
| 121910 | GN-27400 | CWP | The problem with Agent not being able to register Passkeys | 6.0.16 |
| 121877 | GN-27398 | Linux Agent | Linux Agent performs a condition-only check action, and the result cannot be updated even if the results change | 5.0.50, 6.0.15 |
| 121831 | GN-27446 | Center | A problem where the SOAP API processing process stops and 100% CPU is used when an empty password is entered when using external authentication (runauth) | 5.0.42, 6.0.16, 5.0.55 (LTS), 5.0.56, 5.0.57, 4.0.157 |
| 121705 | GN-27380 | Windows Agent | A problem where an action check condition terminates abnormally if a '%' character exists other than a macro supported by the agent | 5.0.0, 6.0.0 |
| 121652 | GN-27387 | WebUI | An issue where the export function does not work on the OpenPort status screen | 5.0.6 |
| 121591 | GN-27393 | WebUI | A problem where the mapping column key set in the IP and MAC additional field user selector does not work | 6.0.16, 5.0.55 (LTS) |
| 121525 | GN-27270 | macOS Agent | The problem of not being authenticated when omitting .com in the allowed domain name in macOS AD alternative authentication | 4.0.108, 5.0.5 |
| 121504 | GN-27382 | WebUI | Additional fields - A problem where parameter value is invalid errors occur when Hangul and some special characters are included in the user selector | 5.0.42, 5.0.50, 5.0.53, 4.0.155, 6.0.15 |
| 121454 | GN-27394 | Center | A problem where backup fails when an absolute path is set to the SFTP storage path | 5.0.50, 5.0.53, 5.0.54, 4.0.155, 6.0.15 |
| 121442 | GN-27291 | WebUI | If the Alias sensor name contains special characters such as * , · parameter value is invalid error occurs | 5.0.42, 4.0.156, 6.0.16 |
| 121393 | GN-27388 | Center | [General-purpose OS] Problem with not being able to connect to webssh | 5.0.42 |
| 121197 | GN-27322 | Center, Sensor | [General-purpose OS] System Administration > Preferences > Time Zone Settings Not Working in Ubuntu NAC | 5.0.50 |
| 121158 | GN-27259 | Linux Agent | Linux Agent, an issue where the agent does not work when installing a specific package | 5.0.45, 6.0.2 |
| 121153 | GN-27221 | Linux Agent | A problem where the agent shuts down abnormally when collecting monitors that do not have an EDID value from the Linux Agent or monitor information collection plug-in | 6.0.12 |
| 121131 | GN-27359 | gnlogin, VRRPD | An issue where the same event already exists in queue debug log occurs because event queuing works even in processes that do not require event retransmission processing | 5.0.42 |
| 121074 | GN-27289 | WebUI | An issue where a report file is not generated when creating a custom report | 6.0.17, 5.0.57 |
| 121015 | GN-27358 | Center | An issue where the centerd execution option's sensor service start/stop function does not work | 5.0.42, 4.0.156, 6.0.16, 5.0.55 (LTS), 5.0.56 |
| 120814 | GN-27262 | Center | A problem where the node's changed control policy cannot be delivered to the sensor when the timezone settings of the policy server and DB server are different | 6.0.17, 5.0.57 |
| 120771 | GN-24372 | CLOUD | Backup not working on Docker compose policy server | 5.0.42 |
| 120763 | GN-27211 | Sensor | An issue that does not apply when multiple access rights are granted through a rights control policy | 6.0.7 |
| 120693 | GN-27290 | WebUI | An issue where the sensor tree is not displayed properly when '%' is included in the sensor name | 5.0.43, 6.0.0 |
| 120602 | GN-27279 | Center, Sensor | A problem where the settings only apply when trust-nodeserver-id is set on the center device, the sensor daemon must be restarted | 5.0.42, 4.0.156, 6.0.16, 5.0.55 (LTS), 5.0.56 |
| 120533 | GN-27091 | Center, procmond | A problem where the event log (procmond process) sent from the sensor cannot be saved due to an unknown center did error on the policy server | 5.0.42 |
| 120518 | GN-27113 | Center | A problem where update information (sysinfo) sent from a slave device fails to be updated to an unknown devid | 4.0.145, 5.0.42, 6.0.1 |
| 120505 | GN-27200 | Center | Symptoms where the BADQUERY=ILLEGAL MIX of collations error continues to occur in the slave center | 5.0.42, 5.0.50, 5.0.53, 5.0.54, 4.0.155, 6.0.15 |
| 120494 | GN-27177 | Backup | An issue where backup files include agent zip files that increase capacity | 6.0.16, 5.0.55 (LTS) |
| 120457 | GN-27153 | WebUI | A problem where the manager node management scope limit is set to a sensor group and the management sensor cannot be selected when registering a node | 5.0.31 |
| 120418 | GN-27210 | Enforcer | A problem where the control policy name is not left in the Netflow log | 6.0.16 |
| 120357 | GN-27191 | WebUI | An issue where the browser freezes on the audit log screen | 5.0.54, 6.0.15 |
| 120324 | GN-26976 | Center | [General-purpose OS] An issue where the device does not work properly when the update fails | 5.0.56, 6.0.17 |
| 120324 | GN-26899 | Center | The problem with self-signed certificates not being reissued | 5.0.45, 6.0.2 |
| 120324 | GN-26845 | WebUI | A problem where the agent is deleted when the Windows update action is assigned, but the output appears as if the agent exists in the node list | 4.0.M1, 5.0.0, 6.0.0 |
| 120324 | GN-26836 | WebUI | Node group conditions fail to retrieve department information if a department name containing a tag exists | 5.0.42, 6.0.0 |
| 120324 | GN-26815 | WebUI | Audit > Report > Node Report > Node Group Selection > Problem with content not being output | 5.0.24 |
| 120324 | GN-26771 | Center | A problem where the center daemon process does not run properly after enabling the policy server (node-server enable) through gnlogin | 5.0.42 |
| 120324 | GN-26746 | WebUI | An issue where the RADIUS policy's two-step authentication grace period is misexplained | 6.0.11 |
| 120324 | GN-26740 | WebUI | Errors that do not reflect application modification information | 6.0.13 |
| 120324 | GN-26721 | WebUI | An issue where the validation success log is left as an error log when the Agent is uploaded | 6.0.1 |
| 120324 | GN-26692 | WebUI | A phenomenon where progress does not end when the upload process is processed without selecting a file in the system management software | 5.0.2 |
| 120324 | GN-26689 | Center | An issue where the node IP is incorrectly output when removing the no-change setting in the debug | 5.0.43, 6.0.0 |
| 120324 | GN-26680 | Center | An issue where the last line word in the password blacklist file is not prohibited (restricted) | 4.0.106 |
| 120324 | GN-26676 | gnlogin | [General-purpose OS] A problem where ADMIN and ADMINIP are not left in the audit record when gnlogin is commanded | 5.0.23 |
| 120324 | GN-26673 | Center | New node policy: If MAC is blocked, change prohibited (specified IP band) A problem where MAC allowed nodes are blocked when the IP usage time of the set node expires | 4.1.M5 |
| 120324 | GN-26652 | WebUI | Node Management List > A problem where the IP start/end time is 9 hours different from the entered value when importing node attributes | 4.1.M4 |
| 120324 | GN-26605 | Center | New wireless LAN AP detection, wireless LAN AP information change audit log format modification | 6.0.0 |
| 120324 | GN-26588 | WebUI | When adding a new dashboard tab, modify it to be sorted at the end of the tab list | 6.0.0 |
| 120324 | GN-26586 | WebUI | An issue where the 'Apply Change Policy' button is not displayed when copying a node group and is applied immediately | 5.0.31 |
| 120324 | GN-26581 | WebUI | Intermittent errors where the loading bar does not output | 6.0.17 |
| 120324 | GN-26578 | WebUI | A problem where the user ID and department name columns are displayed as blank when querying the results of the IP application form | 4.1.4 |
| 120324 | GN-26573 | WebUI | Check the management console settings, change the integration and change the language setting parameters | 6.0.0 |
| 120324 | GN-26560 | WebUI | The problem of not being searched when AND is present in the search term on the node management screen | 5.0.38 |
| 120324 | GN-26558 | WebUI | A problem that is not fixed when only the TTL value of the FQDN option is modified in the network address of a network object | 5.0.19 |
| 120324 | GN-26529 | WebUI | Improved error page output due to incorrect sensor IP/mask settings in the Sensor IP Usage Rate Top Status (old version) widget | 4.1.4 |
| 120324 | GN-26489 | Center | An issue where the thread ID in the debug file does not remain normal in the Ubuntu/cloud version | 6.0.0 |
| 120324 | GN-26487 | WebUI | Fixed an issue where an error page was displayed when there was no value on the CVE detail screen | 5.0.24 |
| 120324 | GN-26476 | WebUI | Correction of errors on the execution results status page for each action | 5.0.50 |
| 120324 | GN-26463 | GenianOS | A problem where syscollect may not work properly | 5.0.0 |
| 120324 | GN-26439 | Center, Sensor | Problems that are not allowed in SWG if it is an Application Category condition for an application object | 6.0.14 |
| 120324 | GN-26369 | WebUI | A problem where the date display is incorrectly displayed when searching for the previous year in the node/log/wireless LAN report | 5.0.34 |
| 120324 | GN-26235 | macOS Agent | macOS agent problem of not being able to obtain motherboard information for new model Macs | 5.0.41, 6.0.0 |
| 120324 | GN-25815 | WebUI | A problem where the approval/rejection popup for a new IP application is active and the approval/rejection popup is enabled, the problem is that it is in a waiting state when approved/rejected | 4.1.3 |
| 120324 | GN-24713 | procmond | A problem where a daemon operation error occurs when changing the policy server to a sensor-only image | 5.0.0 |
| 120142 | GN-27237 | Center, Sensor | A problem where the node cannot be immediately re-registered by the sensor when the agent node registered to the sensor is deleted from the management console | 5.0.42 |
| 114063 | GN-26566 | WebUI | An issue where the changed information was updated and not displayed when the tab was moved after updating the node information | 5.0.50 |