CVE-2022-29527
Published
CVSS v3
7
HIGH
CVSS v2
6.9
MEDIUM
Affected
1
PROJECT
Description
Amazon AWS amazon-ssm-agent before 3.1.1208.0 creates a world-writable sudoers file, which allows local attackers to inject Sudo rules and escalate privileges to root. This occurs in certain situations involving a race condition.
An agent to enable remote management of your EC2 instances, on-premises servers, or virtual machines (VMs).
GitHub