CVE-2019-8286
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
38.2%
Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security versions up to 2019 could potentially disclose unique Product ID by forcing victim to visit a specially crafted webpage (for example, via clicking phishing link). Vulnerability has CVSS v3.0 base score 2.6
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| kaspersky | anti-virus | * | cpe:2.3:a:kaspersky:anti-virus:*:*:*:*:*:*:*:* |
| kaspersky | free_anti-virus | * | cpe:2.3:a:kaspersky:free_anti-virus:*:*:*:*:*:*:*:* |
| kaspersky | internet_security | * | cpe:2.3:a:kaspersky:internet_security:*:*:*:*:*:*:*:* |
| kaspersky | small_office_security | * | cpe:2.3:a:kaspersky:small_office_security:*:*:*:*:*:*:*:* |
| kaspersky | total_security | * | cpe:2.3:a:kaspersky:total_security:*:*:*:*:*:*:*:* |
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
38.2%