Vulnerability CVE-2019-15687
Published: 2019-11-26   Modified: 2019-11-29

Description:
Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component was vulnerable to remote disclosure of various information about the user's system (like Windows version and version of the product, host unique ID). Information Disclosure.

Type:

CWE-200

 (Information Exposure)

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Kaspersky -> Anti-virus 
Kaspersky -> Internet security 
Kaspersky -> Security cloud 
Kaspersky -> Small office security 
Kaspersky -> Total security 

 References:
https://support.kaspersky.com/general/vulnerability.aspx?el=12430#251119_1
Copyright 2024, cxsecurity.com

 

Back to Top