CVE-2017-5328 Spoofing in Terminal Server Agent
Attack Vector
NETWORK
Scope
UNCHANGED
Attack Complexity
LOW
Confidentiality Impact
NONE
Privileges Required
NONE
Integrity Impact
HIGH
User Interaction
NONE
Availability Impact
NONE
Description
A spoofing vulnerability exists in Terminal Server Agent (ref # PAN-67269 / CVE-2017-5328).
Terminal Server Agent contains a vulnerability whereby a user can spoof the identity of another authenticated user.
This issue affects Terminal Server Agent 6.0; Terminal Server Agent 7.0.6 and earlier
Product Status
Versions | Affected | Unaffected |
---|---|---|
Terminal Server Agent 7.0 | <= 7.0.6 | >= 7.0.7 |
Severity: HIGH
CVSSv3.0 Base Score: 7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
Solution
Terminal Server Agent 7.0.7 and later
Workarounds and Mitigations
N/A