CVE-2019-15687

CVE Database · CVE-2019-15687

CVE-2019-15687

· MEDIUMModified

CVSS v3.1

6.5

EPSS

1.23%

Published

Nov 26, 2019

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component was vulnerable to remote disclosure of various information about the user's system (like Windows version and version of the product, host unique ID). Information Disclosure.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected Products (6)

kaspersky · anti-virusvulnerable

kaspersky · internet_securityvulnerable

kaspersky · security_cloudvulnerable

kaspersky · small_office_securityvulnerable

kaspersky · total_securityvulnerable

References (2)

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#251119_1

Vendor Advisory

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#251119_1

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs