Vulnerabilities > CVE-2019-15687 - Unspecified vulnerability in Kaspersky products

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

kaspersky

NVD

Published: 2019-11-26

Updated: 2021-07-21

Summary

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component was vulnerable to remote disclosure of various information about the user's system (like Windows version and version of the product, host unique ID). Information Disclosure.

Vulnerable Configurations

Part	Description	Count
Application	Kaspersky Kaspersky Anti Virus - Kaspersky Anti Virus 12.03.2022 Kaspersky Anti Virus 16.0.0.614 Kaspersky Anti Virus 2019 Kaspersky Anti Virus * Kaspersky Internet Security - Kaspersky Internet Security 11.12.4.1622 Kaspersky Internet Security 12.03.2022 Kaspersky Internet Security 16.0.0 Kaspersky Internet Security 16.0.0.614 Kaspersky Internet Security 21.1 Kaspersky Internet Security 2019 Kaspersky Total Security - Kaspersky Total Security 12.03.2022 Kaspersky Total Security 16.0.0.614 Kaspersky Total Security 2019 Kaspersky Total Security 2020 Kaspersky Security Cloud - Kaspersky Security Cloud 12.03.2022 Kaspersky Security Cloud 2019 Kaspersky Security Cloud 2020 Kaspersky Small Office Security - Kaspersky Small Office Security 4.0 Kaspersky Small Office Security 5.0 Kaspersky Small Office Security 6.0	30

References

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#251119_1