| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-9810 | 6.8 |
There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). This would allow an attacker to submit authenticated requests when an authenti
|
03-10-2019 - 00:03 | 17-07-2017 - 21:29 | |
| CVE-2017-9811 | 10.0 |
The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). By abusing the quarantine read and write operations, it is possible to elevate t
|
12-08-2017 - 01:29 | 17-07-2017 - 21:29 | |
| CVE-2017-9812 | 5.0 |
The reportId parameter of the getReportStatus action method can be abused in the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312) to read arbitrary files with kluser privileges.
|
12-08-2017 - 01:29 | 17-07-2017 - 21:29 | |
| CVE-2017-9813 | 4.3 |
In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS).
|
12-08-2017 - 01:29 | 17-07-2017 - 21:29 |