Описание
The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions.
Ссылки
- Issue TrackingRelease NotesThird Party AdvisoryVDB Entry
- Issue TrackingRelease NotesThird Party Advisory
- Issue TrackingRelease NotesThird Party AdvisoryVDB Entry
- Issue TrackingRelease NotesThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:beyondtrust:remote_support:15.2.1:*:*:*:*:*:*:*
cpe:2.3:a:beyondtrust:remote_support:15.2.2:*:*:*:*:*:*:*
cpe:2.3:a:beyondtrust:remote_support:16.1.1:*:*:*:*:*:*:*
cpe:2.3:a:beyondtrust:remote_support:16.1.2:*:*:*:*:*:*:*
cpe:2.3:a:beyondtrust:remote_support:16.1.3:*:*:*:*:*:*:*
cpe:2.3:a:beyondtrust:remote_support:16.1.4:*:*:*:*:*:*:*
cpe:2.3:a:beyondtrust:remote_support:16.2.1:*:*:*:*:*:*:*
cpe:2.3:a:beyondtrust:remote_support:16.2.2:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00145
Низкий
7.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-426
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions.
EPSS
Процентиль: 35%
0.00145
Низкий
7.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-426