CVE-2023-40251

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Aug 17, 2023

Updated: Aug 29, 2023

CWE ID 311

Summary

CVE-2023-40251 is a vulnerability affecting multiple Genians products, including Genian NAC V4.0, Genian NAC V5.0, Genian NAC Suite V5.0, and Genian ZTNA. The issue involves the lack of encryption for sensitive data, making it susceptible to Man-in-the-Middle attacks. Specifically, the vulnerability exists in Genian NAC V4.0 from versions V4.0.0 through V4.0.155; Genian NAC V5.0 from versions V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0 from versions V5.0.0 through V5.0.54; and Genian ZTNA from versions V6.0.0 through V6.0.15. Organizations using these affected versions should apply the available patches as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Vendors

Genians

Advisories, Assessments, and Mitigations

Back to Vulnerability Database