Vulnerability Details CVE-2019-15137
The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows fnmatch pattern matches with topic name strings (instead of the permission expressions themselves), which can lead to unintended connections between participants in a Data Distribution Service (DDS) network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2019-15137
-
cpe:2.3:a:eprosima:fast-rtps:0.3.0
-
cpe:2.3:a:eprosima:fast-rtps:0.3.1
-
cpe:2.3:a:eprosima:fast-rtps:0.4.0
-
cpe:2.3:a:eprosima:fast-rtps:0.5.0
-
cpe:2.3:a:eprosima:fast-rtps:0.5.1
-
cpe:2.3:a:eprosima:fast-rtps:0.5.2
-
cpe:2.3:a:eprosima:fast-rtps:1.0.0
-
cpe:2.3:a:eprosima:fast-rtps:1.0.6
-
cpe:2.3:a:eprosima:fast-rtps:1.1.0
-
cpe:2.3:a:eprosima:fast-rtps:1.2.0
-
cpe:2.3:a:eprosima:fast-rtps:1.3.0
-
cpe:2.3:a:eprosima:fast-rtps:1.3.1
-
cpe:2.3:a:eprosima:fast-rtps:1.4.0
-
cpe:2.3:a:eprosima:fast-rtps:1.5.0
-
cpe:2.3:a:eprosima:fast-rtps:1.6.0
-
cpe:2.3:a:eprosima:fast-rtps:1.7.0
-
cpe:2.3:a:eprosima:fast-rtps:1.7.1
-
cpe:2.3:a:eprosima:fast-rtps:1.7.2
-
cpe:2.3:a:eprosima:fast-rtps:1.7.3
-
cpe:2.3:a:eprosima:fast-rtps:1.8.0
-
cpe:2.3:a:eprosima:fast-rtps:1.8.0-2
-
cpe:2.3:a:eprosima:fast-rtps:1.8.1
-
cpe:2.3:a:eprosima:fast-rtps:1.8.2
-
cpe:2.3:a:eprosima:fast-rtps:1.8.3
-
cpe:2.3:a:eprosima:fast-rtps:1.8.4
-
cpe:2.3:a:eprosima:fast-rtps:1.8.5
-
cpe:2.3:a:eprosima:fast-rtps:1.9.0