Security Onion v2 before 2.3.10 has an incorrect sudo configuration, which allows the administrative user to obtain root access without using the sudo password by editing and executing /home/<user>/SecurityOnion/setup/so-setup.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
securityonionsolutions security onion |