Insecure Sudoers Configuration in Hashicorp Packer

Insecure Sudoers Configuration in Hashicorp Packer

CVE-2022-42717 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute arbitrary commands as root.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.