← Back

CVE-2017-5996

nvd nist
Published: Oct 26, 2017Modified: May 13, 2026

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions.

Affected (8)

Beyondtrust
1 product
Remote Support
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Beyondtrust
Remote Support
Version 15.2.1
Remote Support
Version 15.2.2
Remote Support
Version 16.1.1
Remote Support
Version 16.1.2
Remote Support
Version 16.1.3
Remote Support
Version 16.1.4
Remote Support
Version 16.2.1
Remote Support
Version 16.2.2

Related CWEs

CWE-426
Untrusted Search Path
The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

References (4)

Source: cve@mitre.org
Issue TrackingRelease NotesThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Issue TrackingRelease NotesThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingRelease NotesThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingRelease NotesThird Party Advisory

Timeline

No history available yet.