Last revised: 03/15/2017
An information disclosure vulnerability exists in the Terminal Services (TS) agent. Session information may be disclosed due to insecure permissions (WINAGENT-43 / CVE-2017-6356).
The information disclosure is limited to session information.
TS agent 6.0, TS agent 7.0, and TS agent 8.0.
TS agent 8.0.1 and later releases. We recommend customers use custom certificates when using the TS agent. Further details on using customer certificates can be reviewed at: https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/user-id/configure-user-mapping-for-terminal-server-users.html
TS agent is fully backwards compatible with all currently supported versions of PAN-OS software. Customers using TS agents 6.0 and 7.0 can use TS agent 8.0.1.