Genian ZTNA 6.0.16 Release Notes (2023-07-21)
Last Updated: 2024-08-19
Security Vulnerability

| Revision | Key | Components | Description | Affects Versions | CVSS Score |
|---|---|---|---|---|---|
| 125554 | | WebUI | A problem where blind injection is possible in the node management search bar | | 2.2 |
| 125406 | | WebUI | Service disabled by executing a Tomcat restart command by an unauthorized administrator | 5.0.41 | 2.7 |
| 123781 | | WebUI | Vulnerability where information can be modified by directly entering a URL to an unauthorised page | | 3.1 |
| 123284 | | WebUI | File export permission bypass vulnerability for unauthorized administrators through the Audit Log REST API | | 3.1 |
| 122609 | | WebUI | Tomcat version upgrade (8.5.94 -> 8.5.96/9.0.81 -> 9.0.83) | | 7.5 |
| 121382 | | WebUI | Improved two-step verification to limit the number of times the verification code can be entered and the time limit | | 4.3 |
| 120862 | | WebUI | Tomcat version upgrade (8.5.94/9.0.81) | | 7.5 |
| 118988 | | WebUI | A problem where Passkey can be registered using the Passkey re-registration function without permission | | 3.9 |
| 118676 | | WebUI | Vulnerability where html/script code can be injected | | 5.3 |
| 118272 | | WebUI | Vulnerability where an html tag output as a department name is executed in a tree | 5.0.0 | 1.2 |
| 117073 | | Center | Command Injection vulnerability via SQL used to update data | | 6.6 |
| 116162 | | Sensor | nmap script tampering vulnerability during sensor NMDB update | | 4.1 |
| 114948 | | Sensor | Insufficient validation of incoming sensor events | | 6.3 |
| 114936 | | Center | Parameter injection vulnerability due to insufficient verification of download URLs | | 6.6 |

New Features and Improvements

| Revision | Key | Components | Description | Affects Versions |
|---|---|---|---|---|
| 127494 | | macOS Agent | macOS ZTNA Agent minimum supported OS upgrade | 6.0.0 |
| 127308 | | macOS Agent | macOS agent supports newly released macOS 15 (codename Sequoia) | 5.0.0, 6.0.0 |
| 125148 | | Center, macOS Agent, Sensor, Windows Agent | OpenSSL 3.0.13, 1.1.1w upgrade - excessive resource usage during X.509 policy constraint checking | 4.0.0, 5.0.0, 6.0.0 |
| 123464 | | Sensor | Fixed an issue where public IP cannot be imported when changing sensor operation modes and policies | |
| 122922 | | WebUI | 6.0 widget added | |
| 122686 | | Windows Agent | Improved to download only cosign files corresponding to the operating system (64/32 bit) when installing the file distribution V2 plug-in | 5.0.42, 4.0.155, 6.0.15, 5.0.55, 5.0.56, 5.0.57 |
| 122232 | | VRRPD | [General-purpose OS] A problem where the redundant configuration switches to the slave state due to an interface status check failure after switching to the master state | 5.0.42 |
| 122211 | | WebUI | API improvements so that start/end times can be set when modifying MAC policies | |
| 122169 | | WebUI | Change the output page when blocked by a URL filter | |
| 122163 | | Center, WebUI | Improved so that data in the /disk/data/report directory is also deleted when setting the number of reports to be saved | |
| 121924 | | macOS Agent | Improved so that agents can validate server events when using macOS multi-policy servers | |
| 121886 | | Linux Agent | Linux Agent, improved so that agents can validate server events when using multiple policy servers | |
| 121113 | | -Unknown/None- | Remove unnecessary permissions from apache/tomcat-related directories and files | |
| 120399 | | Center | A problem where the password entered by the user remains in the central debug file when linking external authentication via extauth fails | |
| 120178 | | Windows Agent | Improved so that agents can validate server events when using multiple policy servers | |
| 120017 | | Center, Sensor | Added the ability to export trusted nodeids from the center to sensors and agents | |
| 119945 | | WebUI | Improved so that items set to markdown can be converted | |
| 119810 | | Center, macOS Agent | macOS agent support for new OS 14.0 (Sonoma) | |
| 119717 | | Windows Agent | Change the integration module to support the new version of the pill | |
| 119664 | | Center, Sensor | [General-purpose OS] Local privilege escalation vulnerability in Ubuntu OverlayFS module | |
| 119611 | | Genian Syncer | Electronic signature verification of operating information data synchronized with Genian Syncer | |
| 119336 | | WebUI | Added IP/MAC additional field items to node registration, batch node registration, and node attribute import | |
| 119305 | | WebUI | Added the ability to output additional IP and MAC fields newly added to the node management list | |
| 119025 | | WebUI | Fixed an issue where webssh could not be connected after the openssh version was upgraded | |
| 118991 | | Linux Agent | Improved functionality so that the approval window is not displayed when using the Linux Agent and File Distribution Plug-in V2 | |
| 118795 | | WebUI | IP/MAC additional field management function added | |
| 118668 | | Center | Simplifying upgrades by including sensors/agents in the Policy Server image | |
| 118623 | | Center | Add node group conditions related to the IP/MAC additional field | |
| 118566 | | macOS Agent | Improved functionality so that the approval window is not displayed when using the macOS file distribution plug-in V2 | |
| 118438 | | WebUI | Expand up to 20 custom fields that can be used when registering nodes in batches (uploading csv files) | |
| 118275 | | Ubuntu(Debian) | [General-purpose OS] ICMP Timestamp support removed | |
| 118209 | | Center, Linux Agent, macOS Agent, WebUI, Windows Agent | Improved functionality so that the approval window is not displayed when using the distribution plug-in V2 | |
| 117819 | | Center, macOS Agent | Development of distribution plugins based on macOS Sigstore electronic signatures | |
| 117731 | | macOS Agent | macOS agent ZTNA applies a new icon and changes the connection display | |
| 117654 | | Sensor | Improved port module kernel upgrade (2.6.38->4.14.196) for Axgate 80D and 200AX models | |
| 117501 | | macOS Agent | Symptoms of not being able to collect AhnLab V3 information when using the macOS agent vaccine information collection plug-in | |
| 117501 | | Windows Agent | Change the Center CA certificate installation option to default ON and change the execution cycle | |
| 117501 | | Sensor | Improved so that it is possible to set whether or not to use HNAP-NSE as an option when performing an NMAP scan | |
| 117501 | | Sensor | Improved so that the sensor can manage the Alias IP band without setting Alias IP in the sensor interface | |
| 117501 | | wsdump | Improved so that the WLAN monitoring function works when the DKNS sensor is running | |
| 117501 | | Sensor | Improved so that the blocking node is unblocked when shutting down via the sensor reboot/poweroff command | |
| 117501 | | WebUI | Improved so that the scroll moves to the top when moving a page in the history management list | |
| 117501 | | GenianOS | [General-purpose OS] OpenVPN package added to ubuntu target | |
| 117501 | | WebUI | Add an organization name (USER_COMPANY) column to the user management list | |
| 117501 | | Integration | Added provider so that NAC user DB can be used during Keycloak authentication | |
| 117501 | | WebUI | The problem that the CWP device application form and alarm message do not match the time zone | |
| 117501 | | WebUI | Improved so that visitor searches on the user registration page can be queried by the administrator's email | |
| 117501 | | WebUI | Add the Flow Application Name statistics widget to the dashboard | |
| 117501 | | CLOUD | Enables on-prem backup files to be restored to the cloud | |
| 116677 | | Center, Sensor | Enhanced validation of policy server incoming events | |