CVE-2021-35052

A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Kaspersky ≫ Password Manager SwPlatformwindows Version <= 9.0.1

Kaspersky ≫ Password Manager Version9.0.2 Update- SwPlatformwindows

Kaspersky ≫ Password Manager Version9.0.2 Updatepatch_a SwPlatformwindows

Kaspersky ≫ Password Manager Version9.0.2 Updatepatch_b SwPlatformwindows

Kaspersky ≫ Password Manager Version9.0.2 Updatepatch_c SwPlatformwindows

Kaspersky ≫ Password Manager Version9.0.2 Updatepatch_d SwPlatformwindows

Kaspersky ≫ Password Manager Version9.0.2 Updatepatch_e SwPlatformwindows

Kaspersky ≫ Password Manager Version9.0.2 Updatepatch_f SwPlatformwindows

Kaspersky ≫ Password Manager Version9.0.2 Updatepatch_g SwPlatformwindows

Kaspersky ≫ Password Manager Version9.0.2 Updatepatch_h SwPlatformwindows

Kaspersky ≫ Password Manager Version9.0.2 Updatepatch_i SwPlatformwindows

Kaspersky ≫ Password Manager Version9.0.2 Updatepatch_j SwPlatformwindows

Kaspersky ≫ Password Manager Version9.0.2 Updatepatch_k SwPlatformwindows

Kaspersky ≫ Password Manager Version9.0.2 Updatepatch_l SwPlatformwindows

Kaspersky ≫ Password Manager Version9.0.2 Updatepatch_m SwPlatformwindows

Kaspersky ≫ Password Manager Version9.0.2 Updatepatch_n SwPlatformwindows

Kaspersky ≫ Password Manager Version9.0.2 Updatepatch_o SwPlatformwindows

Kaspersky ≫ Password Manager Version9.0.2 Updatepatch_p SwPlatformwindows

Kaspersky ≫ Password Manager Version9.0.2 Updatepatch_q SwPlatformwindows

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.15%	0.368

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Vendor Advisory

Third Party Advisory

VDB Entry

CVE Source (NVD)

CVE Source (JSON)

EUVD