Unrated severityNVD Advisory· Published May 20, 2022· Updated Aug 3, 2024

CVE-2022-31215

Description

In certain Goverlan products, the Windows Firewall is temporarily turned off upon a Goverlan agent update operation. This allows remote attackers to bypass firewall blocking rules for a time period of up to 30 seconds. This affects Goverlan Reach Console before 10.5.1, Reach Server before 3.70.1, and Reach Client Agents before 10.1.11.

Affected products

Goverlan/Goverlan Reach Consoledescription
Goverlan/Reach Client Agentsllm-create
Range: <10.1.11
Goverlan/Reach Consolellm-fuzzy
Range: <10.5.1
Goverlan/Reach Serverllm-fuzzy
Range: <3.70.1

Patches

Vulnerability mechanics

References

goverlan.commitrex_refsource_MISC
www.goverlan.com/knowledge/article/security-advisory-govsa-2022-0506-1-disable-windows-firewall/mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000