RSS   Vulnerabilities for 'Fast-rtps'   RSS

2019-08-18
 
CVE-2019-15137

CWE-284
 

 
The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows fnmatch pattern matches with topic name strings (instead of the permission expressions themselves), which can lead to unintended connections between participants in a Data Distribution Service (DDS) network.

 
 
CVE-2019-15136

CWE-275
 

 
The Access Control plugin in eProsima Fast RTPS through 1.9.0 does not check partition permissions from remote participant connections, which can lead to policy bypass for a secure Data Distribution Service (DDS) partition.

 

 >>> Vendor: Eprosima 2 Products
Fast-rtps
Fast dds


Copyright 2024, cxsecurity.com

 

Back to Top