CVE-2019-15688
MEDIUMKaspersky Anti-Virus < 2020 - Open Redirect via Web Protection Component
Title source: llmDescription
Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component did not adequately inform the user about the threat of redirecting to an untrusted site. Bypass.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://support.kaspersky.com/general/vulnerability.aspx?el=12430#251119_1
Scores
CVSS v3
6.1
EPSS
0.0222
EPSS Percentile
80.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-601
Status
published
Products (5)
kaspersky/anti-virus
< 2020 (2 CPE variants)
kaspersky/internet_security
< 2020
kaspersky/security_cloud
< 2020
kaspersky/small_office_security
< 7
kaspersky/total_security
< 2020
Published
Nov 26, 2019
Tracked Since
Feb 18, 2026