CVE-2023-40251

Missing Encryption of Sensitive Data vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Man in the Middle Attack.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.

CVSS v3.0 5.9 MEDIUM

5.9^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.genians.co.kr/notice/2023	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:genians:genian_ztna::::::::
	cpe:2.3:a:genians:genian_nac:::::-:::*
	cpe:2.3:a:genians:genian_nac:5.0.42:revision_117460:::lts:::*
	cpe:2.3:a:genians:genian_nac:5.0.42:-:::lts:::*
	cpe:2.3:a:genians:genian_nac:::::-:::*

Information

Published : 2023-08-17 07:15

Updated : 2023-08-23 14:43

NVD link : CVE-2023-40251

Mitre link : CVE-2023-40251

JSON object : View

Products Affected

genians

genian_ztna
genian_nac

CWE

CWE-311

Missing Encryption of Sensitive Data

5.9 /10