PT-2020-10056 · Paessler · Prtg
Aleksandr Melkikh
·
Published
2020-02-03
·
Updated
2021-07-21
·
CVE-2019-19119
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
PRTG versions 7.x through 19.4.53
Description
The issue is related to insufficient access control on local registry keys for the Core Server Service. This allows a non-administrative user on the local machine to access administrative credentials.
Recommendations
For versions 7.x through 19.4.53, consider restricting access to the Core Server Service to minimize the risk of exploitation until a patch is available.
Fix
Insufficiently Protected Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Prtg