CVE-2019-8286
MEDIUMKaspersky Anti-Virus, Internet Security, Total Security < 2019 - Information Disclosure via Crafted Webpage
Title source: llmDescription
Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security versions up to 2019 could potentially disclose unique Product ID by forcing victim to visit a specially crafted webpage (for example, via clicking phishing link). Vulnerability has CVSS v3.0 base score 2.6
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://support.kaspersky.com/general/vulnerability.aspx?el=12430#110719
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/109300
Scores
CVSS v3
4.3
EPSS
0.0221
EPSS Percentile
80.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (5)
kaspersky/anti-virus
< 2019
kaspersky/free_anti-virus
< 2019
kaspersky/internet_security
< 2019
kaspersky/small_office_security
< 6.0
kaspersky/total_security
< 2019
Published
Jul 18, 2019
Tracked Since
Feb 18, 2026