CVE-2019-15687

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component was vulnerable to remote disclosure of various information about the user's system (like Windows version and version of the product, host unique ID). Information Disclosure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
KasperskyCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
VendorProductVersion
kasperskyanti-virus
𝑥
≤ 2020
kasperskyanti-virus
𝑥
≤ 2020
kasperskyinternet_security
𝑥
≤ 2020
kasperskysecurity_cloud
𝑥
≤ 2020
kasperskysmall_office_security
𝑥
≤ 7
kasperskytotal_security
𝑥
≤ 2020
𝑥
= Vulnerable software versions
References
https://support.kaspersky.com/general/vulnerability.aspx?el=12430#251119_1
https://support.kaspersky.com/general/vulnerability.aspx?el=12430#251119_1