Kaspersky LabKLA10461KLA10461 Security bypass vulnerability in multiple products
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.4 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.9%
Using of the same certificate was found in multiple products. By exploiting this vulnerability malicious users bypass security restrictions. This vulnerability can be exploited remotely via a man-in-the-middle attack.
Original advisories
Related products
CVE list
CVE-2015-2077 critical
Solution
Remove vulnerable software, if you are not sure in your safety.
Impacts
- SB
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Affected Products
- Superfish VisualDiscoveryLavasoft Ad-Aware Web CompanionΒ 1.1.885.1766Ad-Aware AdBlocker (alpha) 1.3.69.1Qustodio for WindowsAtom SecurityInc. StaffCop 5.8
Related
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.4 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.9%