Security policy bypass vulnerability in Sudo - CVE-2019-14287ID: oval:org.secpod.oval:def:59044 | Date: (C)2019-10-15 (M)2023-12-20 |
Class: VULNERABILITY | Family: unix |
A flaw was found in the way sudo implemented running commands with arbitrary user ID. If a sudoers entry is written to allow the attacker to run a command as any user except root, this flaw can be used by the attacker to bypass that restriction.
Platform: |
CentOS 6 |
CentOS 7 |
Red Hat Enterprise Linux 6 |
Red Hat Enterprise Linux 7 |
Red Hat Enterprise Linux 8 |