CVE-2017-6356
Published 2017-03-20
Priority P423, medium, 5.3 (CVSS 3.1)
AV:N / AC:L / PR:N / UI:N / S:U / C:L / I:N / A:N
EPSS: 0.98% (57.7th percentile)
Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak permissions for unspecified resources, which allows attackers to obtain sensitive session information via unknown vectors.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| paloalto | terminal_server_agent | — | — |
| paloaltonetworks | terminal_services_agent | — | — |
| paloaltonetworks | terminal_services_agent | — | — |
| paloaltonetworks | terminal_services_agent | — | — |
CVSS provenance
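| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |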
GHSA
GHSA-8cjq-m469-phpm: Palo Alto Networks Terminal Services (aka TS) Agent 6
ghsa_unreviewed·2022-05-13
CVE-2017-6356 [MEDIUM] CWE-732 GHSA-8cjq-m469-phpm: Palo Alto Networks Terminal Services (aka TS) Agent 6
Palo Alto
Information Disclosure in Terminal Server Agent
vendor_paloalto·2017-03-15·CVSS 5.3
CVE-2017-6356 [MEDIUM] CWE-732 Information Disclosure in Terminal Server Agent
An information disclosure vulnerability exists in the Terminal Server (TS) agent. Session information may be disclosed due to insecure permissions (WINAGENT-43 / CVE-2017-6356).
The information disclosure is limited to session information.
This issue affects TS agent 6.0, TS agent 7.0, and TS agent 8.0.
Affected products: Terminal Server Agent
Solution: TS agent 8.0.1 and later releases.
We recommend customers use custom certificates when using the TS agent. Further details on using customer certificates can be reviewed at:
https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/user-id/configure-user-mapping-for-terminal-server-users.html
Workaround: TS agent is fully backwards compatible with all currently supported versions o
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.