Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read

Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 has an insecure sudo configuration which permits a low-privilege user to read root-only files via the dig command without a password.

agent cisco command configuration dig enterprise file files insecure low password privilege root sudo version virtual