CVE-2019-15688

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component did not adequately inform the user about the threat of redirecting to an untrusted site. Bypass.

Published: Nov 26, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-15688
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.1
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v2:

Severity: Medium
Score: 5.8
AV:N/AC:M/Au:N/C:P/I:P/A:N

CWEs:

CWE-601

Affected Software
References

Software	From	Fixed in
kaspersky / anti-virus	-	2020.x
kaspersky / internet_security	-	2020.x
kaspersky / total_security	-	2020.x
kaspersky / security_cloud	-	2020.x
kaspersky / small_office_security	-	7.x

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#251119_1

Vulnerability Database

CVE-2019-15688

Deep Security Visibility Without the Complexity