CVE-2018-18817

The Leostream Agent before Build 7.0.1.0 when used with Leostream Connection Broker 8.2.72 or earlier allows remote attackers to modify registry keys via the Leostream Agent API.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
leostreamagent
𝑥
< 7.0.1.0
leostreamconnection_broker
𝑥
≤ 8.2.72
𝑥
= Vulnerable software versions
References
https://leostream.kayako.com/Knowledgebase/Article/View/85/52/leostream-agent-security-update
https://leostream.kayako.com/Knowledgebase/Article/View/85/52/leostream-agent-security-update