CVE-2019-19625

Published: Dec 6, 2019Modified: Jun 17, 2026

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

SROS 2 0.8.1 (which provides the tools that generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2) leaks node information due to a leaky default configuration as indicated in the policy/defaults/dds/governance.xml document.

Affected (1)

Products: Ros: Sros2

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ros Sros2	Version 0.8.1

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

https://github.com/aliasrobotics/RVD/issues/922

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/ros2/sros2/pull/171

Source: cve@mitre.org

Third Party Advisory

https://github.com/aliasrobotics/RVD/issues/922

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://github.com/ros2/sros2/pull/171

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.