CVE-2017-6356
First published: Mon Mar 20 2017(Updated: )
Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak permissions for unspecified resources, which allows attackers to obtain sensitive session information via unknown vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Paloaltonetworks Terminal Services Agent | =6.0 | |
| Paloaltonetworks Terminal Services Agent | =7.0 | |
| Paloaltonetworks Terminal Services Agent | =8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-6356?
CVE-2017-6356 is classified with a high severity level due to its potential to expose sensitive session information.
How do I fix CVE-2017-6356?
To mitigate CVE-2017-6356, upgrade your Palo Alto Networks Terminal Services Agent to version 8.0.1 or higher.
What is affected by CVE-2017-6356?
CVE-2017-6356 impacts Palo Alto Networks Terminal Services Agent versions 6.0, 7.0, and 8.0 prior to 8.0.1.
What are the potential impacts of CVE-2017-6356?
CVE-2017-6356 can allow attackers to gain unauthorized access to sensitive session information.
Is there a workaround for CVE-2017-6356?
There is no documented workaround for CVE-2017-6356; the recommended action is to upgrade to the latest version.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- vendor/paloaltonetworks
- canonical/paloaltonetworks terminal services agent
- version/paloaltonetworks terminal services agent/6.0
- version/paloaltonetworks terminal services agent/7.0
- version/paloaltonetworks terminal services agent/8.0