CVE-2017-6356
MEDIUMPalo Alto Networks Terminal Services Agent 6.0-8.0 - Session Information Exposure via Weak Permissions
Title source: llmDescription
Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak permissions for unspecified resources, which allows attackers to obtain sensitive session information via unknown vectors.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/96925
Vendor Advisory x_refsource_confirm
https://security.paloaltonetworks.com/CVE-2017-6356
Scores
CVSS v3
5.3
EPSS
0.0098
EPSS Percentile
57.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-732
Status
published
Products (3)
paloaltonetworks/terminal_services_agent
6.0
paloaltonetworks/terminal_services_agent
7.0
paloaltonetworks/terminal_services_agent
8.0
Published
Mar 20, 2017
Tracked Since
Feb 18, 2026