Authorization

2022-05-2012:15:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.7%

JSON

In certain Goverlan products, the Windows Firewall is temporarily turned off upon a Goverlan agent update operation. This allows remote attackers to bypass firewall blocking rules for a time period of up to 30 seconds. This affects Goverlan Reach Console before 10.5.1, Reach Server before 3.70.1, and Reach Client Agents before 10.1.11.

CPENameOperatorVersion
client_agentlt10.1.11
reach_consolelt10.5.1
reach_serverlt3.70.1

Name	Operator	Version
client_agent	lt	10.1.11
reach_console	lt	10.5.1
reach_server	lt	3.70.1

References

goverlan.com

www.goverlan.com/knowledge/article/security-advisory-govsa-2022-0506-1-disable-windows-firewall/