Vulnerability Description
Kaspersky Protection extension for web browser Google Chrome prior to 30.112.62.0 was vulnerable to unauthorized access to its features remotely that could lead to removing other installed extensions.
CVSS Score
4.3
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | < 30.112.62.0 | |
| Kaspersky | Protection | 20.0.543.1418 |
References
- https://support.kaspersky.com/general/vulnerability.aspx?el=12430#251119_1Broken Link
- https://www.symantec.com/security-center/vulnerabilities/writeup/110997Third Party Advisory
- https://support.kaspersky.com/general/vulnerability.aspx?el=12430#251119_1Broken Link
FAQ
What is CVE-2019-15684?
CVE-2019-15684 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Kaspersky Protection extension for web browser Google Chrome prior to 30.112.62.0 was vulnerable to unauthorized access to its features remotely that could lead to removing other installed extensions.
How severe is CVE-2019-15684?
CVE-2019-15684 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-15684?
Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome, Kaspersky Protection.