Vulnerability Details CVE-2022-31215
In certain Goverlan products, the Windows Firewall is temporarily turned off upon a Goverlan agent update operation. This allows remote attackers to bypass firewall blocking rules for a time period of up to 30 seconds. This affects Goverlan Reach Console before 10.5.1, Reach Server before 3.70.1, and Reach Client Agents before 10.1.11.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.1%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 3.5
References
Products affected by CVE-2022-31215
-
cpe:2.3:a:goverlan:client_agent:10.1.10
-
cpe:2.3:a:goverlan:client_agent:9.20.02
-
cpe:2.3:a:goverlan:client_agent:9.20.50
-
cpe:2.3:a:goverlan:reach_console:10.5.0
-
cpe:2.3:a:goverlan:reach_console:9.20
-
cpe:2.3:a:goverlan:reach_console:9.50
-
cpe:2.3:a:goverlan:reach_server:3.20
-
cpe:2.3:a:goverlan:reach_server:3.50
-
cpe:2.3:a:goverlan:reach_server:3.70.0