CVE-2019-15687

Severity Score

6.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component was vulnerable to remote disclosure of various information about the user's system (like Windows version and version of the product, host unique ID). Information Disclosure.

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud hasta el 2020, el componente web protection era vulnerable a una divulgación remota de diversa información sobre el sistema del usuario (como versión de Window y versión del producto, ID único del host). Divulgación de Información.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2019-08-27 CVE Reserved
2019-11-26 CVE Published
2024-01-05 EPSS Updated
2024-08-05 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://support.kaspersky.com/general/vulnerability.aspx?el=12430#251119_1	2021-07-21

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Kaspersky Search vendor "Kaspersky"		Anti-virus Search vendor "Kaspersky" for product "Anti-virus"				<= 2020 Search vendor "Kaspersky" for product "Anti-virus" and version " <= 2020"		-		Affected
Kaspersky Search vendor "Kaspersky"		Anti-virus Search vendor "Kaspersky" for product "Anti-virus"				<= 2020 Search vendor "Kaspersky" for product "Anti-virus" and version " <= 2020"		free		Affected
Kaspersky Search vendor "Kaspersky"		Internet Security Search vendor "Kaspersky" for product "Internet Security"				<= 2020 Search vendor "Kaspersky" for product "Internet Security" and version " <= 2020"		-		Affected
Kaspersky Search vendor "Kaspersky"		Security Cloud Search vendor "Kaspersky" for product "Security Cloud"				<= 2020 Search vendor "Kaspersky" for product "Security Cloud" and version " <= 2020"		-		Affected
Kaspersky Search vendor "Kaspersky"		Small Office Security Search vendor "Kaspersky" for product "Small Office Security"				<= 7 Search vendor "Kaspersky" for product "Small Office Security" and version " <= 7"		-		Affected
Kaspersky Search vendor "Kaspersky"		Total Security Search vendor "Kaspersky" for product "Total Security"				<= 2020 Search vendor "Kaspersky" for product "Total Security" and version " <= 2020"		-		Affected