CVE-2023-40253 MEDIUM

CVE-2023-40253

Vendor Genians

Product Genian NAC V4.0

Weakness CWE-78

Published August 11, 2023

Last update October 1, 2024

View on NVD All CVEs

CVSS base score

6.0/10

Attack vector Local

Attack complexity Low

Privileges required High

User interaction None

Confidentiality None

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N

What the vulnerability does

01Description

Improper Authentication vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Authentication Abuse.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.

Key dates

02Disclosure timeline

August 11, 2023 CVE published

October 1, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-40253 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/78.html

Related vulnerabilities

Identifiers

CVE CVE-2023-40253

CWE CWE-78

CVSS 6.0 / MEDIUM

Affected versions

Vendor Genians

Product Genian NAC V4.0

Affected ≥ V4.0.0 and ≤ V4.0.155

Vendor Genians

Product Genian NAC V5.0

Affected ≥ V5.0.0 and ≤ V5.0.42 (Revision 117460)

Vendor Genians

Product Genian NAC Suite V5.0

Affected ≥ V5.0.0 and ≤ V5.0.54

Vendor Genians

Product Genian ZTNA

Affected ≥ V6.0.0 and ≤ V6.0.15

CVE-2023-40253

01Description

02Disclosure timeline

03References

04Related CVE