An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute arbitrary commands as root.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Vagrant | Hashicorp | * | 2.3.1 (excluding) |