CVE-2018-18817

EUVD-2018-10533
The Leostream Agent before Build 7.0.1.0 when used with Leostream Connection Broker 8.2.72 or earlier allows remote attackers to modify registry keys via the Leostream Agent API.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
Affected Products (NVD)
VendorProductVersion
leostreamagent
𝑥
< 7.0.1.0
leostreamconnection_broker
𝑥
≤ 8.2.72
𝑥
= Vulnerable software versions
References
https://leostream.kayako.com/Knowledgebase/Article/View/85/52/leostream-agent-security-update
https://leostream.kayako.com/Knowledgebase/Article/View/85/52/leostream-agent-security-update