← back
CVE-2017-1000367observed exploitation

CVE-2017-1000367

50Vexday Risk Score

Prioritize patching. It exploitation observed by VulnCheck and has a public proof of concept.

ssvc Actepss 8.0%
from disclosure to weapon0 days
Published on NVDJun 5
1st PoCMay 30
VulnCheck+2264d
exploitation probability
8.0%top 6% of all CVEs
observed exploitation
yesVulnCheck
12 public exploit(s)
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.