Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification

Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 suffers from an unpatched vulnerability in sudoedit, allowed by sudo configuration, which permits a low-privilege user to modify arbitrary files as root and subsequently execute arbitrary commands as root.

agent cisco configuration enterprise file files low modification privilege root sudo sudoedit unpatched version virtual vulnerability