CVE-2017-6356
Published Mar 20, 2017
Last updated 3 years ago
Overview
- Description
- Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak permissions for unspecified resources, which allows attackers to obtain sensitive session information via unknown vectors.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-732
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paloaltonetworks:terminal_services_agent:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "867C0010-2021-4180-97A3-72BB4773B123"
},
{
"criteria": "cpe:2.3:a:paloaltonetworks:terminal_services_agent:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2DA7D6B0-B08E-4B1D-AE9B-3B405B80488D"
},
{
"criteria": "cpe:2.3:a:paloaltonetworks:terminal_services_agent:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6DCF61B-016E-49D1-8D60-C94C6D13F95E"
}
],
"operator": "OR"
}
]
}
]