CVE-2019-8286

Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security versions up to 2019 could potentially disclose unique Product ID by forcing victim to visit a specially crafted webpage (for example, via clicking phishing link). Vulnerability has CVSS v3.0 base score 2.6
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
KasperskyCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
VendorProductVersion
kasperskyanti-virus
𝑥
≤ 2019
kasperskyfree_anti-virus
𝑥
≤ 2019
kasperskyinternet_security
𝑥
≤ 2019
kasperskysmall_office_security
𝑥
≤ 6.0
kasperskytotal_security
𝑥
≤ 2019
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/109300
https://support.kaspersky.com/general/vulnerability.aspx?el=12430#110719
http://www.securityfocus.com/bid/109300
https://support.kaspersky.com/general/vulnerability.aspx?el=12430#110719