Name of the Vulnerable Software and Affected Versions Kaspersky Anti-Virus 8.0 for Linux File Servers

Description The issue is caused by a lack of authentication check for web console form creators in Kaspersky Anti-Virus 8.0 for Linux File Servers. This could allow a remote attacker to send a command to the antivirus software on behalf of its user when the user visits the attacker's web page.

Recommendations For Kaspersky Anti-Virus 8.0 for Linux File Servers, consider restricting access to the web console until a fix is available. As a temporary workaround, avoid using the web console to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.