CVE-2017-5996 Information

Description

The agent in Bomgar Remote Support 15.2.x before 15.2.3 16.1.x before 16.1.5 and 16.2.x before 16.2.4 allows DLL hijacking because of weak SYSTEMDRIVE\ProgramData permissions.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Reference

http://www.securitytracker.com/id/1039679 https://www.vsecurity.com/download/advisories/20171026-1.txt

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.8