CVE-2019-15137
First published: Sun Aug 18 2019(Updated: )
The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows fnmatch pattern matches with topic name strings (instead of the permission expressions themselves), which can lead to unintended connections between participants in a Data Distribution Service (DDS) network.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Eprosima Fast-rtps | <=1.9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2019-15137.
What is the severity of CVE-2019-15137?
The severity of CVE-2019-15137 is high with a CVSS score of 7.5.
What is the affected software for CVE-2019-15137?
The affected software for CVE-2019-15137 is eProsima Fast RTPS version up to and including 1.9.0.
What is the impact of CVE-2019-15137?
CVE-2019-15137 can lead to unintended connections between participants in a Data Distribution Service (DDS) network.
How can I fix CVE-2019-15137?
To fix CVE-2019-15137, it is recommended to upgrade to a version of eProsima Fast RTPS that is not affected by the vulnerability.
- collector/nvd-index
- agent/severity
- agent/author
- agent/type
- agent/references
- agent/tags
- agent/description
- agent/event
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/remedy
- collector/mitre-cve
- source/MITRE
- vendor/eprosima
- canonical/eprosima fast-rtps
- version/eprosima fast-rtps/1.9.0