CVE-2019-15688

CVE Database · CVE-2019-15688

CVE-2019-15688

· MEDIUMModified

CVSS v3.1

6.1

EPSS

2.22%

Published

Nov 26, 2019

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component did not adequately inform the user about the threat of redirecting to an untrusted site. Bypass.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Weaknesses (CWE)

CWE-601

Affected Products (6)

kaspersky · anti-virusvulnerable

kaspersky · internet_securityvulnerable

kaspersky · security_cloudvulnerable

kaspersky · small_office_securityvulnerable

kaspersky · total_securityvulnerable

References (2)

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#251119_1

Vendor Advisory

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#251119_1

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs