CVE-2019-15686 — Anti-virus vulnerability

3 documents3 sources

Severity

4.3MEDIUMNVD

EPSS

0.3%

top 51.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Kaspersky Anti-virus Kaspersky Internet Security Kaspersky Security Cloud +2 more

Timeline

PublishedNov 26

Latest updateMay 24

Description

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component allowed an attacker remotely disable various anti-virus protection features. DoS, Bypass.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages5 packages

▶NVDkaspersky/anti-virus2020

▶NVDkaspersky/small_office_security7

▶NVDkaspersky/security_cloud2020

▶NVDkaspersky/total_security2020

▶NVDkaspersky/internet_security2020

🔴Vulnerability Details

GHSA

GHSA-2hq4-6p2g-96ph: Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Sec↗2022-05-24

▶

CVEList

CVE-2019-15686: Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Sec↗2019-11-26

▶