CVE-2019-15137

2019-08-1816:15:10

Google

osv.dev

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.9%

JSON

The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows fnmatch pattern matches with topic name strings (instead of the permission expressions themselves), which can lead to unintended connections between participants in a Data Distribution Service (DDS) network.

CPENameOperatorVersion
fast-ddseq1.9.0-beta-2
fast-ddseq1.9.0-beta
fast-ddseq1.0.0
fast-ddseq1.7.1
fast-ddseq1.6.0
fast-ddseq1.3.0
fast-ddseq1.5.0
fast-ddseq1.8.0-2
fast-ddseq1.2.0
fast-ddseq1.8.1

Name	Operator	Version
fast-dds	eq	1.9.0-beta-2
fast-dds	eq	1.9.0-beta
fast-dds	eq	1.0.0
fast-dds	eq	1.7.1
fast-dds	eq	1.6.0
fast-dds	eq	1.3.0
fast-dds	eq	1.5.0
fast-dds	eq	1.8.0-2
fast-dds	eq	1.2.0
fast-dds	eq	1.8.1