Palo Alto Networks Security Advisories / CVE-2017-5328

CVE-2017-5328 Spoofing in Terminal Server Agent

047910
Severity 7.5 · HIGH
Attack Vector NETWORK
Scope UNCHANGED
Attack Complexity LOW
Confidentiality Impact NONE
Privileges Required NONE
Integrity Impact HIGH
User Interaction NONE
Availability Impact NONE
NVD JSON
Published 2017-01-26
Updated
Reference PAN-67269 PAN-SA-2017-0002

Description

A spoofing vulnerability exists in Terminal Server Agent (ref # PAN-67269 / CVE-2017-5328).

Terminal Server Agent contains a vulnerability whereby a user can spoof the identity of another authenticated user.

This issue affects Terminal Server Agent 6.0; Terminal Server Agent 7.0.6 and earlier

Product Status

VersionsAffectedUnaffected
Terminal Server Agent 7.0<= 7.0.6>= 7.0.7

Severity:HIGH

CVSSv3.1 Base Score:7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

Weakness Type

Solution

Terminal Server Agent 7.0.7 and later

Workarounds and Mitigations

N/A

Terms of usePrivacyProduct Security Assurance and Vulnerability Disclosure Policy Report vulnerabilitiesManage subscriptions
© 2023 Palo Alto Networks, Inc. All rights reserved.