exploitDog

CVE-2019-15137

Опубликовано: 18 авг. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows fnmatch pattern matches with topic name strings (instead of the permission expressions themselves), which can lead to unintended connections between participants in a Data Distribution Service (DDS) network.

Ссылки

https://arxiv.org/abs/1908.05310
Third Party Advisory
https://github.com/eProsima/Fast-RTPS/issues/441
Patch
Third Party Advisory
https://arxiv.org/abs/1908.05310
Third Party Advisory
https://github.com/eProsima/Fast-RTPS/issues/441
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:eprosima:fast-rtps:*:*:*:*:*:*:*:*

Версия до 1.9.0 (включая)

EPSS

Процентиль: 47%

0.00237

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-m83w-gcmr-x3ch

CVSS3: 7.5

github

больше 3 лет назад

The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows fnmatch pattern matches with topic name strings (instead of the permission expressions themselves), which can lead to unintended connections between participants in a Data Distribution Service (DDS) network.

EPSS

Процентиль: 47%

0.00237

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo