VYPR

Pronestor Planner

by Pronestor

CVEs (2)

  • CVE-2019-17390HigDec 18, 2019
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in the Outlook add-in in Pronestor Planner before 8.1.77. There is local privilege escalation in the Health Monitor service because PronestorHealthMonitor.exe access control is mishandled, aka PNB-2359.

  • CVE-2018-19113HigApr 1, 2019
    risk 0.51cvss 7.3epss 0.01

    The Pronestor PNHM (aka Health Monitoring or HealthMonitor) add-in before 8.1.13.0 for Outlook has "BUILTIN\Users:(I)(F)" permissions for the "%PROGRAMFILES(X86)%\proNestor\Outlook add-in for Pronestor\PronestorHealthMonitor.exe" file, which allows local users to gain privileges…