Vulnerability Description
Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security versions up to 2019 could potentially disclose unique Product ID by forcing victim to visit a specially crafted webpage (for example, via clicking phishing link). Vulnerability has CVSS v3.0 base score 2.6
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kaspersky | Anti-Virus | <= 2019 |
| Kaspersky | Free Anti-Virus | <= 2019 |
| Kaspersky | Internet Security | <= 2019 |
| Kaspersky | Small Office Security | <= 6.0 |
| Kaspersky | Total Security | <= 2019 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/109300Third Party AdvisoryVDB Entry
- https://support.kaspersky.com/general/vulnerability.aspx?el=12430#110719Vendor Advisory
- http://www.securityfocus.com/bid/109300Third Party AdvisoryVDB Entry
- https://support.kaspersky.com/general/vulnerability.aspx?el=12430#110719Vendor Advisory
FAQ
What is CVE-2019-8286?
CVE-2019-8286 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security versions up to 2019 could potentially disclose unique Product ID by forcing victim to visit a spec...
How severe is CVE-2019-8286?
CVE-2019-8286 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-8286?
Check the references section above for vendor advisories and patch information. Affected products include: Kaspersky Anti-Virus, Kaspersky Free Anti-Virus, Kaspersky Internet Security, Kaspersky Small Office Security, Kaspersky Total Security.