Vulnerabilities > CVE-2019-15137 - Unspecified vulnerability in Eprosima Fast-Rtps

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

eprosima

NVD

Published: 2019-08-18

Updated: 2020-08-24

Summary

The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows fnmatch pattern matches with topic name strings (instead of the permission expressions themselves), which can lead to unintended connections between participants in a Data Distribution Service (DDS) network.

Vulnerable Configurations

Part	Description	Count
Application	Eprosima Eprosima Fast Rtps 0.3.0 Eprosima Fast Rtps 0.3.1 Eprosima Fast Rtps 0.4.0 Eprosima Fast Rtps 0.5.0 Eprosima Fast Rtps 0.5.1 Eprosima Fast Rtps 0.5.2 Eprosima Fast Rtps 1.0.0 Eprosima Fast Rtps 1.0.6 Eprosima Fast Rtps 1.1.0 Eprosima Fast Rtps 1.2.0 Eprosima Fast Rtps 1.3.0 Eprosima Fast Rtps 1.3.1 Eprosima Fast Rtps 1.4.0 Eprosima Fast Rtps 1.5.0 Eprosima Fast Rtps 1.6.0 Eprosima Fast Rtps 1.7.0 Eprosima Fast Rtps 1.7.1 Eprosima Fast Rtps 1.7.2 Eprosima Fast Rtps 1.7.3 Eprosima Fast Rtps 1.8.0 Eprosima Fast Rtps 1.8.0-2 Eprosima Fast Rtps 1.8.1 Eprosima Fast Rtps 1.8.2 Eprosima Fast Rtps 1.8.3 Eprosima Fast Rtps 1.8.4 Eprosima Fast Rtps 1.8.5 Eprosima Fast Rtps 1.9.0	29

Summary

Vulnerable Configurations

References