CVE-2017-6356
Summary
| CVE | CVE-2017-6356 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-03-20 16:59:00 UTC |
| Updated | 2021-09-13 12:05:00 UTC |
| Description | Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak permissions for unspecified resources, which allows attackers to obtain sensitive session information via unknown vectors. |
Risk And Classification
Problem Types: CWE-732
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Paloaltonetworks | Terminal Services Agent | 6.0 | All | All | All |
| Application | Paloaltonetworks | Terminal Services Agent | 7.0 | All | All | All |
| Application | Paloaltonetworks | Terminal Services Agent | 8.0 | All | All | All |
| Application | Palo Alto Networks | Terminal Services Agent | 6.0 | All | All | All |
| Application | Palo Alto Networks | Terminal Services Agent | 7.0 | All | All | All |
| Application | Palo Alto Networks | Terminal Services Agent | 8.0 | All | All | All |
| Application | Palo Alto Networks | Terminal Services Agent | 6.0 | All | All | All |
| Application | Palo Alto Networks | Terminal Services Agent | 7.0 | All | All | All |
| Application | Palo Alto Networks | Terminal Services Agent | 8.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CVE-2017-6356 Information Disclosure in Terminal Services Agent | CONFIRM | security.paloaltonetworks.com | |
| Palo Alto Networks Terminal Services CVE-2017-6356 Information Disclosure Vulnerability | BID | www.securityfocus.com | Third Party Advisory, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.