CVE-2019-19627
HIGH
7,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high
MEDIUM
5,0
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: none
Confidentiality: partial
Integrity: none
Availability: none
Description
AI Translation Available
SROS 2 0.8.1 (after CVE-2019-19625 is mitigated) leaks ROS 2 node-related information regardless of the rtps_protection_kind configuration. (SROS2 provides the tools to generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2.)
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0049
Percentile
0,6th
Updated
EPSS Score Trend (Last 90 Days)
200
Exposure of Sensitive Information to an Unauthorized Actor
DraftCommon Consequences
Security Scopes Affected:
Confidentiality
Potential Impacts:
Read Application Data
Applicable Platforms
Technologies:
Mobile, Not Technology-Specific, Web Based
Application
Sros2 by Ros
CPE Identifier
View Detailed Analysis
cpe:2.3:a:ros:sros2:0.8.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://asciinema.org/a/yuGkBlaPC33wqL4qABRlgxBkd
https://github.com/aliasrobotics/RVD/issues/922
https://github.com/ros2/sros2/issues/172
https://github.com/ros-swg/turtlebot3_demo
https://ros-swg.github.io/ROSCon19_Security_Workshop/
https://asciinema.org/a/yuGkBlaPC33wqL4qABRlgxBkd
https://github.com/aliasrobotics/RVD/issues/922
https://github.com/ros2/sros2/issues/172
https://github.com/ros-swg/turtlebot3_demo
https://ros-swg.github.io/ROSCon19_Security_Workshop/