CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-6288
https://notcve.org/view.php?id=CVE-2018-6288
Cross-site Request Forgery leading to Administrative account takeover in Kaspersky Secure Mail Gateway version 1.1. Existe Cross-Site Request Forgery (CSRF) que conduce a la toma de control de una cuenta administrativa en Kaspersky Secure Mail Gateway 1.1. • https://support.kaspersky.com/vulnerability.aspx?el=12430#010218 https://www.coresecurity.com/advisories/kaspersky-secure-mail-gateway-multiple-vulnerabilities • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2018-6289
https://notcve.org/view.php?id=CVE-2018-6289
Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1. Inyección de archivos de configuración provoca ejecución de código como Root en Kaspersky Secure Mail Gateway 1.1. • https://support.kaspersky.com/vulnerability.aspx?el=12430#010218 https://www.coresecurity.com/advisories/kaspersky-secure-mail-gateway-multiple-vulnerabilities • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-6290
https://notcve.org/view.php?id=CVE-2018-6290
Local Privilege Escalation in Kaspersky Secure Mail Gateway version 1.1. Escalado de privilegios locales en Kaspersky Secure Mail Gateway 1.1. • https://support.kaspersky.com/vulnerability.aspx?el=12430#010218 https://www.coresecurity.com/advisories/kaspersky-secure-mail-gateway-multiple-vulnerabilities •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-6291
https://notcve.org/view.php?id=CVE-2018-6291
WebConsole Cross-Site Scripting in Kaspersky Secure Mail Gateway version 1.1. Cross-Site Scripting (XSS) en WebConsole en Kaspersky Secure Mail Gateway 1.1. • https://support.kaspersky.com/vulnerability.aspx?el=12430#010218 https://www.coresecurity.com/advisories/kaspersky-secure-mail-gateway-multiple-vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-12823
https://notcve.org/view.php?id=CVE-2017-12823
Kernel pool memory corruption in one of drivers in Kaspersky Embedded Systems Security version 1.2.0.300 leads to local privilege escalation. La corrupción del grupo de memoria del kernel en uno de los controladores en Kaspersky Embedded Systems Security 1.2.0.300 conduce a una escalada de privilegios. • http://www.securityfocus.com/bid/102141 https://support.kaspersky.com/vulnerability.aspx?el=12430#091017 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •