Outlook add-in in Pronestor Planner before 8.1.77 Improper Privilege Management Vulnerability

Summary

Outlook add-in in Pronestor Planner before 8.1.77 suffers from improper privilege management vulnerability

Credit:

The information has been provided by Vendor

The original article can be found at:http://help.pronestor.com/download/PronestorBooking/ReleaseNotes/ReleaseNotes.htm


Details

An issue was discovered in the Outlook add-in in Pronestor Planner before 8.1.77. There is local privilege escalation in the Health Monitor service because PronestorHealthMonitor.exe access control is mishandled.

 

Vulnerable Systems:

Outlook add-in in Pronestor Planner before 8.1.77

 

CVE Information:

CVE-2019-17390

 

Disclosure Timeline:
Published Date:12/18/2019

Categories: FeaturedNews