CVE-2023-40253
MEDIUMGenian NAC 4.0.0-4.0.155, 5.0.0-5.0.42; Suite 5.0.0-5.0.54; ZTNA 6.0.0-6.0.15 - Auth Abuse
Title source: llmDescription
Improper Authentication vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Authentication Abuse.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.
References (1)
Core 1
Core References
Scores
CVSS v3
6.0
EPSS
0.0037
EPSS Percentile
28.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-287
CWE-78
Status
published
Products (3)
genians/genian_nac
5.0.42 (2 CPE variants)
genians/genian_nac
4.0.0 - 4.0.156
genians/genian_ztna
6.0.0 - 6.0.16
Published
Aug 11, 2023
Tracked Since
Feb 18, 2026