5.11. Vulnerabilities

5.11.1. [Major] Pre-Shared Key Protection plus Cloud Discovery Service did not protect against Participant Announcement Replay attacks *

The new Pre-Shared Key Protection feature was introduced as a way to protect Cloud Discovery Service in version 7.2.0. However, the CDS + PSK combination did not protect against Participant Announcement Replay attacks as described in the Security Plugins User’s Manual. Now this combination will protect against these attacks.

[RTI Issue ID SEC-2287]

* This bug does not affect you if you are upgrading from 6.1.x or earlier.