KrCERT/CC AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

KrCERT/CC AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

AV-Lack of information

PR-No privileges needed

S-Unclear if Scope change occurs

UI-User Interaction not identified

KrCERT/CC CWE-89

KrCERT/CC CWE-494

https://docs.genians.com/nac/5.0/release/ko/advisories/GN-SA-2023-001.html [No Types Assigned]

https://www.genians.co.kr/notice/2023 [Vendor Advisory]

OR
     *cpe:2.3:a:genians:genian_nac:*:*:*:*:-:*:*:* versions from (including) 4.0.0 up to (excluding) 4.0.156
     *cpe:2.3:a:genians:genian_nac:*:*:*:*:-:*:*:* versions from (including) 5.0.0 up to (excluding) 5.0.55
     *cpe:2.3:a:genians:genian_nac:5.0.42:-:*:*:lts:*:*:*
     *cpe:2.3:a:genians:genian_nac:5.0.42:revision_117460:*:*:lts:*:*:*
     *cpe:2.3:a:genians:genian_ztna:*:*:*:*:*:*:*:* versions from (including) 6.0.0 up to (excluding) 6.0.16

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

NIST CWE-494

https://www.genians.co.kr/notice/2023 No Types Assigned

https://www.genians.co.kr/notice/2023 Vendor Advisory

KrCERT/CC CWE-494

KrCERT/CC CWE-94

Improper Control of Generation of Code ('Code Injection') vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Replace Trusted Executable.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.

Download of Code Without Integrity Check vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Malicious Software Update.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.

KrCERT/CC AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

KrCERT/CC AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

KrCERT/CC CWE-94

KrCERT/CC CWE-494

Download of Code Without Integrity Check vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Malicious Software Update.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.

Improper Control of Generation of Code ('Code Injection') vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Replace Trusted Executable.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.