Genian ZTNA 6.0.2 Release Notes (2022-02-09)
Last Updated: 2022-04-12
Security Vulnerability
| Revision | Key | Components | Description | Affects Versions | CVSS Score |
|---|---|---|---|---|---|
| 103842 | GN-24689 | WebUI | Issues where XSS is possible in Audit > Logs > Log Search | 4.3 | |
| 103670 | GN-24651 | Center, macOS Agent, Windows Agent | Upgrading to the latest version of OpenSSL (OpenSSL 1.1.1n) | 4.0.0, 5.0.0, 6.0.0 | 7.5 |
| 103638 | GN-24687 | WebUI | An issue where files can be accessed by relative paths on the debug log screen | 3.83 | |
| 102685 | GN-24535 | WebUI | Remove logstash | 5.9 |
New Features and Improvements
| Revision | Key | Components | Description | Affects Versions |
|---|---|---|---|---|
| 103413 | GN-24648 | WebUI | Fixed an issue where search results were slow when there was an IP owner column in the node list | |
| 103066 | GN-24302 | Center | Add macros and provide a response message capture function to enable MD5 (MD5B64), an encryption method linked to webhook authentication | |
| 103058 | GN-24257 | Center | Improved so that a server connection timeout can be set when linking LDAP authentication | |
| 103053 | GN-24198 | WebUI | A problem where a specific domain is not registered in the network address of a network object | |
| 102920 | GN-24557 | Center, RADIUSD | Provides a node registration function as an optional setting function during RADIUS authentication | |
| 102892 | GN-24151 | WebUI | Added an API for setting and querying sensors that can be used for each purpose of the IP application system | |
| 102436 | GN-24246 | macOS Agent | Implementing features related to secondary authentication in macOS ZTNA Connection Manager | 6.0.2 |
| 102436 | GN-24172 | WebUI | Fixed so that Tomcat version information is not output when Bad Request (400) occurs | |
| 102436 | GN-24165 | WebUI | Fixed so that html tags are not converted when entering instance message content | |
| 102436 | GN-24130 | macOS Agent | Structural improvements for multiple VPN connections to the macOS ZTNA connection manager | 6.0.2 |
| 102436 | GN-24082 | WebUI | Improved so that additional tags other than node tags can be queried through the /nodes/ {nodeID} /tags API | |
| 102436 | GN-24077 | WebUI | Modified to enable web access even if the MySQL authentication plugin is changed to sha256_password | |
| 102436 | GN-24068 | WebUI | Improved to be able to specify the date format displayed in the new dashboard chart widget tooltip | |
| 102436 | GN-24059 | WebUI | Added a reverse assignment function when applying for IP | |
| 102436 | GN-24045 | DKNS | Improved so that DHCP Pool can be set when setting up ZTNA Client | |
| 102436 | GN-24029 | Center | Ability to send authentication codes through Google OTP secondary authentication and webhooks during agent authentication and RADIUS authentication | |
| 102436 | GN-24020 | WebUI | Adding parameters for functions added to the Applications REST API | |
| 102436 | GN-24010 | WebUI | Modified so that when the sensor name is changed, the sensor names of the nodes belonging to the sensor are changed immediately | |
| 102436 | GN-23980 | Center | Improved so that emails are sent to multiple email accounts when sending query report emails | |
| 102436 | GN-23964 | WebUI, Windows Agent | Node Information - Show virtual type for connection method in interface information | |
| 102436 | GN-23953 | WebUI | Self-signed certificate regeneration and externally generated SSL certificate registration function | |
| 102436 | GN-23943 | Center | Improved the part where Hangul is displayed when generating an English audit log | |
| 102436 | GN-23930 | WebUI | Support for custom encryption algorithm methods | |
| 102436 | GN-23918 | WebUI | A problem where two or more of the same standalone plug-in actions can be included in a node policy | |
| 102436 | GN-23896 | WebUI | Performance improvements such as removing JOIN queries when querying a list query on the node detail screen | |
| 102436 | GN-23895 | Authsync | Improved so that it can be linked up to Oracle Database 19c | |
| 102436 | GN-23880 | Linux Agent | Linux Agent, an issue where the agent works abnormally when changing the OS login user or logging out Linux Agent, re-logging in | |
| 102436 | GN-23869 | Windows Agent | Adding a 5.0 Version "Http URL Authentication" Custom Plug-in | |
| 102436 | GN-23865 | Windows Agent | Added a custom plugin for hostname authentication in version 5.0 | |
| 102436 | GN-23861 | WebUI | Improved Cloud Sensor registration function | |
| 102436 | GN-23852 | WebUI | Improved to enable Google OTP second authentication in CWP | |
| 102436 | GN-23833 | WebUI | Template modification function added to Security Group detail screen | |
| 102436 | GN-23831 | WebUI | Modify the time period setting in the flow log widget to output a subtitle | |
| 102436 | GN-23825 | Linux Agent | Linux Agent adds a function to operate with the previous policy when the center connection is not possible | |
| 102436 | GN-23817 | IPMGMT, WebUI | Improvement of the IP application system email step-by-step approval method | |
| 102436 | GN-23802 | WebUI | Improved software update guidance - provides separate patch and upgrade | |
| 102436 | GN-23752 | Linux Agent | Linux Agent, new distribution and version information added | |
| 102436 | GN-23749 | Linux Agent | Linux Agent develops a function to check the latest TmaxOS updates | |
| 102436 | GN-23731 | WebUI | Security Group Terraform tf file download function | |
| 102436 | GN-23724 | WebUI | Added a CONF_OPTIONS item that reflects the default initial value according to the CONF engine's choices | |
| 102436 | GN-23722 | Linux Agent | Linux Agent, interface control action development | |
| 102436 | GN-23698 | WebUI | Add relevant content to the widget schema to set link targets | |
| 102436 | GN-23644 | GenianOS | Added some missing file system checks at boot time | |
| 102436 | GN-23468 | Center | Improved so that other webhook APIs can be called using the Webhook API call results | |
| 102436 | GN-23221 | Windows Agent | Chrome and Edge option controls added to IE security option control plug-in | |
| 102436 | GN-23212 | Ubuntu(Debian) | [General-purpose OS] Repository separation work for installing each genian-nac version | |
| 102436 | GN-23210 | macOS Agent | macOS ZTNA connection manager plugin added | |
| 102436 | GN-23189 | macOS Agent | macOS Agent appearance and personalization plug-in - adds screensavers and desktop controls | |
| 102436 | GN-22690 | WebUI | Audit log limit function - An issue where all logs are displayed in the audit log even when the node management scope is limited | |
| 102436 | GN-22074 | WebUI | Improved SAML authentication integration to support 2 or more IdPs (Authentication Information Providers) | |
| 102436 | GN-21279 | CLOUD | Improved so that files can be attached when sending emails via AWS SES |
Issues Fixed
| Revision | Key | Components | Description | Affects Versions |
|---|---|---|---|---|
| 103817 | GN-24691 | Center | A problem where a log is generated when a node registered through a switch is registered by a sensor | 5.0.43, 6.0.0 |
| 103760 | GN-24683 | Sensor | An issue where the sensor daemon abnormally terminates due to an incorrect memory reference after starting a DHCP scan | 4.0.2 |
| 103726 | GN-24724 | Windows Agent | An issue where agent action policies are applied late after transitioning from an external to an internal network state | 5.0.40, 6.0.0 |
| 103639 | GN-24284 | WebUI | When assigning directly from the IP application approval screen, an error occurs when approval is performed after changing the management sensor | 5.0.13 |
| 103620 | GN-24682 | WebUI | A problem where IPs are not assigned in reverse order when the approval method for each IP use is automatic approval | 5.0.44, 6.0.2 |
| 103614 | GN-24684 | WebUI | An unresponsive issue when logging in to an account (genians.com) on the license screen | 5.0.20 |
| 103517 | GN-24617 | WebUI | An issue where the added node type (virtual sensor, agent sensor) is missing from the node group settings list and the search field conditions in the node list | 5.0.40 |
| 103488 | GN-24597 | Center | An issue where node groups cannot be included due to agent version comparison conditions | 5.0.16, 6.0.0 |
| 103432 | GN-24485 | macOS Agent | An issue where macOS Agent memory continues to grow | 4.0.0, 5.0.0, 6.0.1 |
| 103404 | GN-24644 | Center | An issue where the center daemon dies intermittently when updating ARP management plug-in information | 5.0.43, 6.0.0, 4.0.146 |
| 103399 | GN-24658 | OpenVPN | An issue where the authenticated user is incorrectly displayed when connecting to ZTNA Client with an ID of 9 or more digits | 6.0.0 |
| 103384 | GN-24678 | Sensor | An issue where some information is missing when collecting SNMP v3 switch information | 5.0.44, 6.0.1 |
| 103342 | GN-23923 | Windows Agent | A problem where the information collection plug-in collects empty information and deletes node information | 5.0.0 |
| 103247 | GN-24619 | Center | A problem where the node type of a manual registration switch is changed to a network device due to a node information scan | 5.0.14 |
| 103224 | GN-24582 | Center | Symptoms that an authorized object does not work when copying a control policy from a mirror sensor | 4.0.116, 5.0.13 |
| 103213 | GN-24622 | Enforcer | An issue where the Enforcer kernel module panics due to incorrect garbage values during the node information update process | 6.0.1 |
| 103093 | GN-24586 | Windows Agent | Some SW were not collected due to the software information collection plug-in and a DB error occurred | 5.0.43, 6.0.0 |
| 103048 | GN-24603 | Center | The problem of not updating the control policy permission cache when adding a new control policy or changing the control policy using/not using the control policy | 4.0.M2 |
| 102987 | GN-24593 | Enforcer | A problem where the node status changes to down by performing a healthcheck on a node registered to the virtual sensor | 5.0.32 |
| 102950 | GN-24358 | Center | A problem where a normal node other than a virtual sensor is set as an agent sensor if the virtual sensor and IP are the same | 5.0.40 |
| 102867 | GN-24544 | Sensor | An issue where WOL packets are sent to the wrong interface | 5.0.40 |
| 102836 | GN-24375 | The problem of not being able to organize ES backups (Snapshots) | 5.0.42 | |
| 102798 | GN-24350 | WebUI | A problem where the settings UI is not displayed properly when changing the settings of the node action being used | 5.0.45, 6.0.2 |
| 102557 | GN-24364 | WebUI | IP collision protection - the problem of not being able to set multiple MACs | 5.0.42, 6.0.0 |
| 102509 | GN-24467 | WebUI | A problem where the list is not output when adding a rank column from the node management list | 5.0.33 |
| 102500 | GN-24479 | WebUI | An issue where the NAC license text may be output even though the license has not been exceeded | 4.1.M3 |
| 102436 | GN-24598 | Enforcer, Sensor | Fixed abnormal earlyrole behavior when setting “if not a member” AND “if not a member” in node group conditions | 4.0.114, 5.0.11 |
| 102436 | GN-24415 | Authsync | Library path error when synchronizing Cloud NAC Oracle information | 5.0.45, 6.0.2 |
| 102436 | GN-24346 | Authsync | [CLOUD] An issue where information synchronization takes a long time to complete | 5.0.23 |
| 102436 | GN-24307 | Center, Sensor | A symptom occurs where the node role is not delivered to the sensor when the IPs of a node group composed only of IP are changed | 5.0.11, 6.0.0 |
| 102436 | GN-24273 | A problem where users are not authenticated when connecting to ZTNA Client | 6.0.1 | |
| 102436 | GN-24268 | WebUI | An issue where automatic node snapshot report generation fails | 6.0.0 |
| 102436 | GN-24261 | Center | An issue where the HA VIP node's Device Type is registered as a NODE | 5.0.40 |
| 102436 | GN-24254 | RADIUSD | When the RADIUS daemon is stopped, the winbindd daemon does not stop and remains a problem | 5.0.35 |
| 102436 | GN-24194 | Center | An issue where user groups cannot be reapplied when updating user passwords | 5.0.44 |
| 102436 | GN-24188 | WebUI | An issue where the screen does not move after processing priority use approval of the application form for items awaiting email approval | 5.0.13 |
| 102436 | GN-24153 | WebUI | IP Management > There are matrices that are not properly output in Matrix View | 4.0.12 |
| 102436 | GN-24147 | WebUI | <br>Fixed a tag display issue in the audit log description column tooltip | 5.0.22 |
| 102436 | GN-24139 | Windows Agent | A problem where the total storage capacity is incorrectly collected when collecting storage device information | 4.1.0, 5.0.0, 6.0.0 |
| 102436 | GN-24136 | WebUI | A problem where the image path is displayed in the node group setting value when (comma) is present in the node action name | 5.0.14 |
| 102436 | GN-24120 | WebUI | Management role management screen > An error occurred when creating a service role | 5.0.42 |
| 102436 | GN-24113 | WebUI | An error where menu restriction settings cannot be disabled when modifying a management role | 5.0.0 |
| 102436 | GN-24110 | Windows Agent | An issue where incorrect authentication values are linked to the Smart NAC alternate authentication plug-in | 5.0.41 |
| 102436 | GN-24092 | WebUI | A problem where input items do not change depending on the selected item when setting node group conditions | 5.0.20 |
| 102436 | GN-24085 | WebUI | A problem where a password cannot be entered when importing users from the user management screen | 5.0.40 |
| 102436 | GN-24071 | WebUI | An issue where the identity verification item is not displayed on the CWP new user registration screen | 5.0.42, 6.0.0 |
| 102436 | GN-24011 | RADIUSD | A problem where RADIUS authentication fails when the number of RADIUS attributes is high | 5.0.24 |
| 102436 | GN-24005 | Center | The problem of not being able to download when using the file distribution plug-in https URL | 4.0.0, 5.0.0 |
| 102436 | GN-24002 | Linux Agent | Linux Agent, the issue where the tray icon is not displayed | 5.0.42, 6.0.0 |
| 102436 | GN-23997 | WebUI | A problem where an error message is output when clicking the edit button for the object in the permission object's condition settings | 5.0.25 |
| 102436 | GN-23962 | WebUI | An issue where special characters are not assigned to a control policy if the permission object ID contains special characters | 4.0.M8 |
| 102436 | GN-23952 | IPMGMT | The problem of not being able to automatically log in and log in to the IP application system when using http | 5.0.27 |
| 102436 | GN-23950 | Authsync | The problem of not being synchronized when synchronizing csv information using https | 4.0.5 |
| 102436 | GN-23949 | CWP | An issue where when registering a new user, an approval request email is sent even if the visitor's email approval is disabled | 4.0.M8 |
| 102436 | GN-23925 | Sensor | An issue where local network packets for an interface added as an Alias IP are forwarded to the Default Gateway | 5.0.42 |
| 102436 | GN-23917 | Sensor | An issue where virtual IPs are not registered when adding virtual IPs manually | 5.0.41, 6.0.0 |
| 102436 | GN-23891 | A problem where authentication is attempted even if the connection fails from the primary server when linking LDAP authentication | 5.0.15, 4.0.137 | |
| 102436 | GN-23855 | Center | Improved so that when the switch is manually registered, the sensor tree switch information is updated when the same switch exists with an IP in a different network band | 4.0.117, 5.0.14 |
| 102436 | GN-23836 | Changes in how IP Mobility duplicate node registrations are prevented | 6.0.1 | |
| 102436 | GN-23835 | Center | An issue where node group conditions cannot be set related to the Equipment Lifecycle Management Additional Field (NI_CUSTOM) | 4.0.129, 5.0.26 |
| 102436 | GN-23819 | WebUI | Error where custom web application cannot be set because the link to the tomcat webapps folder does not exist | 5.0.40 |
| 102436 | GN-23760 | Enforcer, Sensor | Redundant poisoning issues during VXLAN tunneling | 6.0.1 |