OMG DDS Security 1.1 Handshake Protocol Cleartext Capability Disclosure Vulnerability

OMG DDS Security 1.1 Handshake Protocol Cleartext Capability Disclosure Vulnerability

CVE-2019-15135 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The handshake protocol in Object Management Group (OMG) DDS Security 1.1 sends cleartext information about all of the capabilities of a participant (including capabilities inapplicable to the current session), which makes it easier for attackers to discover potentially sensitive reachability information on a Data Distribution Service (DDS) network.

Learn more about our Network Penetration Testing.