Kaspersky Fixes Security Issue in Linux Mail Server Software
CVE-2024-1619

8.8HIGH

Key Information:

Vendor: Kaspersky
Status: Kaspersky Security For Linux Mail Server 8
Vendor: CVE Published:; 29 February 2024

What is CVE-2024-1619?

Kaspersky has identified a security vulnerability in Kaspersky Security 8.0 for Linux Mail Server that allows an attacker to potentially manipulate an administrator's actions by tricking them into clicking a malicious link. This flaw emphasizes the need for organizations to remain vigilant about their security configurations and user training to prevent unauthorized access and actions.

Affected Version(s)

Kaspersky Security for Linux Mail Server 8 * < 8.0.3.30 Security Patch A

References

https://support.kaspersky.com/vulnerability/list-of-advis...

vendor-advisory

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 29, 2024
Vulnerability Reserved
Feb 19, 2024

Credit

Adrian Tiron

Bogdan Tiron