Vulnerability Description
An issue was discovered in PRTG 7.x through 19.4.53. Due to insufficient access control on local registry keys for the Core Server Service, a non-administrative user on the local machine is able to access administrative credentials.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Paessler | Prtg Network Monitor | >= 7.0, <= 19.4.53. |
Related Weaknesses (CWE)
References
- https://blog.paessler.comVendor Advisory
- https://blog.paessler.com/prtg-release-19.4.54-includes-2-brand-new-sensors-for-Vendor Advisory
- https://www.paessler.com/prtg/history/previewVendor Advisory
- https://www.ptsecurity.com/ww-en/about/news/positive-technologies-helps-in-elimiThird Party Advisory
- https://blog.paessler.comVendor Advisory
- https://blog.paessler.com/prtg-release-19.4.54-includes-2-brand-new-sensors-for-Vendor Advisory
- https://www.paessler.com/prtg/history/previewVendor Advisory
- https://www.ptsecurity.com/ww-en/about/news/positive-technologies-helps-in-elimiThird Party Advisory
FAQ
What is CVE-2019-19119?
CVE-2019-19119 is a vulnerability with a CVSS score of 5.5 (MEDIUM). An issue was discovered in PRTG 7.x through 19.4.53. Due to insufficient access control on local registry keys for the Core Server Service, a non-administrative user on the local machine is able to ac...
How severe is CVE-2019-19119?
CVE-2019-19119 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-19119?
Check the references section above for vendor advisories and patch information. Affected products include: Paessler Prtg Network Monitor.