CVE-2018-18817

The Leostream Agent before Build 7.0.1.0 when used with Leostream Connection Broker 8.2.72 or earlier allows remote attackers to modify registry keys via the Leostream Agent API.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 46%
VendorProductVersion
leostreamagent
𝑥
< 7.0.1.0
leostreamconnection_broker
𝑥
≤ 8.2.72
𝑥
= Vulnerable software versions
References
https://leostream.kayako.com/Knowledgebase/Article/View/85/52/leostream-agent-security-update
https://leostream.kayako.com/Knowledgebase/Article/View/85/52/leostream-agent-security-update