CVE
CVE-2019-19234
| CVE ID |
CVE-2019-19234
|
|---|---|
| CVSS Score |
7.5
|
| Operating System | |
| Affected Versions |
CentOS 7
|
| Patched Versions |
sudo-1.8.23-10_ol003.el7_9.3
|
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
OL CVE Issue Summary:
When an account is set for a non-login user in /etc/passwd, it is not considered disabled by sudo.
The newly introduced runas_check_shell sudoers setting can be used to require that the run as user have a shell that's listed in /etc/shells. Users such as "bin", "nobody", etc, do not have a valid shell, and this option prevents commands from being run as those users.