Back to search
CVE-2019-19627
Published: Dec 6, 2019
Modified: Aug 5, 2024
PUBLISHED
CVSS v3.0
7.5
HIGH
Description
SROS 2 0.8.1 (after CVE-2019-19625 is mitigated) leaks ROS 2 node-related information regardless of the rtps_protection_kind configuration. (SROS2 provides the tools to generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2.)
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
CVSS v3.0 Details
CVSS v3.0 Vector
CVSS:3.0/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N
Attack Complexity
Low
Attack Vector
Network
Availability
High
Confidentiality
None
Integrity
None
Privileges Required
None
Scope
Unchanged
User Interaction
None
References
https://github.com/aliasrobotics/RVD/issues/922
x_refsource_MISC
https://github.com/ros2/sros2/issues/172
x_refsource_MISC
https://asciinema.org/a/yuGkBlaPC33wqL4qABRlgxBkd
x_refsource_MISC
https://ros-swg.github.io/ROSCon19_Security_Workshop/
x_refsource_MISC
https://github.com/ros-swg/turtlebot3_demo
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now