CVE-2019-15136

2019-08-1816:15:10

Google

osv.dev

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.0%

JSON

The Access Control plugin in eProsima Fast RTPS through 1.9.0 does not check partition permissions from remote participant connections, which can lead to policy bypass for a secure Data Distribution Service (DDS) partition.

CPENameOperatorVersion
fast-ddseq1.9.0-beta-2
fast-ddseq1.9.0-beta
fast-ddseq1.0.0
fast-ddseq1.7.1
fast-ddseq1.6.0
fast-ddseq1.3.0
fast-ddseq1.5.0
fast-ddseq1.8.0-2
fast-ddseq1.2.0
fast-ddseq1.8.1

Name	Operator	Version
fast-dds	eq	1.9.0-beta-2
fast-dds	eq	1.9.0-beta
fast-dds	eq	1.0.0
fast-dds	eq	1.7.1
fast-dds	eq	1.6.0
fast-dds	eq	1.3.0
fast-dds	eq	1.5.0
fast-dds	eq	1.8.0-2
fast-dds	eq	1.2.0
fast-dds	eq	1.8.1