Описание
Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak permissions for unspecified resources, which allows attackers to obtain sensitive session information via unknown vectors.
Ссылки
- Third Party AdvisoryVDB EntryVendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB EntryVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:paloaltonetworks:terminal_services_agent:6.0:*:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:terminal_services_agent:7.0:*:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:terminal_services_agent:8.0:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00117
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-732
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak permissions for unspecified resources, which allows attackers to obtain sensitive session information via unknown vectors.
EPSS
Процентиль: 31%
0.00117
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-732