Insufficient Access Control on Local Registry Keys in PRTG Allows Unauthorized Access to Administrative Credentials

Insufficient Access Control on Local Registry Keys in PRTG Allows Unauthorized Access to Administrative Credentials

CVE-2019-19119 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

An issue was discovered in PRTG 7.x through 19.4.53. Due to insufficient access control on local registry keys for the Core Server Service, a non-administrative user on the local machine is able to access administrative credentials.

Learn more about our Cis Benchmark Audit For Server Software.