Privilege Escalation in HashiCorp Vagrant VMware Fusion Plugin
CVE-2017-7642 · HIGH Severity
AV:L/AC:L/AU:N/C:C/I:C/A:C
The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the encoded ruby script or scrub the PATH variable.
Learn more about our Cis Benchmark Audit For Vmware.