Vulnerabilities > Kaspersky > Anti Virus FOR Linux Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-17 | CVE-2017-9813 | Cross-site Scripting vulnerability in Kaspersky Anti-Virus for Linux Server 8.0.3.297 In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS). | 6.1 |
| 2017-07-17 | CVE-2017-9812 | Information Exposure vulnerability in Kaspersky Anti-Virus for Linux Server 8.0.3.297 The reportId parameter of the getReportStatus action method can be abused in the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312) to read arbitrary files with kluser privileges. | 7.5 |
| 2017-07-17 | CVE-2017-9811 | Improper Input Validation vulnerability in Kaspersky Anti-Virus for Linux Server 8.0.3.297 The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). | 9.8 |
| 2017-07-17 | CVE-2017-9810 | Cross-Site Request Forgery (CSRF) vulnerability in Kaspersky Anti-Virus for Linux Server 8.0.3.297 There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). | 8.8 |