Vulnerabilities (CVE)

Filtered by vendor Goverlan Subscribe
Filtered by product Client Agent
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-31215 1 Goverlan 3 Client Agent, Reach Console, Reach Server 2024-11-21 3.5 LOW 6.5 MEDIUM
In certain Goverlan products, the Windows Firewall is temporarily turned off upon a Goverlan agent update operation. This allows remote attackers to bypass firewall blocking rules for a time period of up to 30 seconds. This affects Goverlan Reach Console before 10.5.1, Reach Server before 3.70.1, and Reach Client Agents before 10.1.11.
CVE-2019-20456 2 Goverlan, Microsoft 4 Client Agent, Reach Console, Reach Server and 1 more 2024-11-21 4.4 MEDIUM 7.8 HIGH
Goverlan Reach Console before 9.50, Goverlan Reach Server before 3.50, and Goverlan Client Agent before 9.20.50 have an Untrusted Search Path that leads to Command Injection and Local Privilege Escalation via DLL hijacking.