Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2019-14287 — Improper Handling of Exceptional Conditions in Project Sudo
Severity
8.8HIGHNVD
EPSS
85.8%
top 0.61%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
Timeline
PublishedOct 17
Latest updateMay 24
Description
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9
Affected Packages7 packages
Also affects: Debian Linux 10.0, 8.0, 9.0, Fedora 29, 30, 31, Ubuntu Linux 12.04, 14.04, 16.04, 18.04, 19.04, Enterprise Linux 8.0, 7.5, 7.6, 7.7, 8.1, 8.2, 8.4, 6.5, 6.6, 7.2, 7.3, 7.4, Openshift Container Platform 4.1
Patches
🔴Vulnerability Details
3💥Exploits & PoCs
2Nuclei▶
Sudo <= 1.8.27 - Security Bypass