Vulnerabilities > CVE-2022-31215 - Unspecified vulnerability in Goverlan Client Agent, Reach Console and Reach Server

CVSS 3.5 - LOW

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

goverlan

NVD

Published: 2022-05-20

Updated: 2022-06-01

Summary

In certain Goverlan products, the Windows Firewall is temporarily turned off upon a Goverlan agent update operation. This allows remote attackers to bypass firewall blocking rules for a time period of up to 30 seconds. This affects Goverlan Reach Console before 10.5.1, Reach Server before 3.70.1, and Reach Client Agents before 10.1.11.

Vulnerable Configurations

Part	Description	Count
Application	Goverlan Goverlan Client Agent 9.20.02 Goverlan Client Agent 9.20.50 Goverlan Client Agent 10.1.10 Goverlan Reach Console 9.20 Goverlan Reach Console 9.50 Goverlan Reach Console 10.5.0 Goverlan Reach Server 3.20 Goverlan Reach Server 3.50 Goverlan Reach Server 3.70.0	9

Summary

Vulnerable Configurations

References