The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows fnmatch pattern matches with topic name strings (instead of the permission expressions themselves), which can lead to unintended connections between participants in a Data Distribution Service (DDS) network.
References
Link | Resource |
---|---|
https://arxiv.org/abs/1908.05310 | Third Party Advisory |
https://github.com/eProsima/Fast-RTPS/issues/441 | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-08-18T15:44:12
Updated: 2019-08-18T15:44:12
Reserved: 2019-08-18T00:00:00
Link: CVE-2019-15137
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-08-18T16:15:10.627
Modified: 2020-08-24T17:37:01.140
Link: CVE-2019-15137
JSON object: View
Redhat Information
No data.
CWE