CVE-2019-19625
MEDIUMSROS 2 0.8.1 - Exposure of Sensitive Node Information via Leaky Default Configuration
Title source: llmDescription
SROS 2 0.8.1 (which provides the tools that generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2) leaks node information due to a leaky default configuration as indicated in the policy/defaults/dds/governance.xml document.
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/aliasrobotics/RVD/issues/922
Third Party Advisory x_refsource_misc
https://github.com/ros2/sros2/pull/171
Scores
CVSS v3
5.3
EPSS
0.0150
EPSS Percentile
71.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (1)
ros/sros2
0.8.1
Published
Dec 06, 2019
Tracked Since
Feb 18, 2026