VDB
GCVE-110-CLOUD-2022-0035
GCVE-110-CLOUD-2022-0035
Advisory Published
The Amazon SSM Agent (used for managing EC2 instances via Amazon Systems Manager) created a world-writable sudoers file,
which would have allowed local attackers to inject Sudo rules and escalate privileges to root.
This could occur in certain situations involving a race condition.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| AWS | SSM | — | — |
| AWS | Cloud Services | — | — |
| AWS | SSM, EC2 | — | — |
| AWS | EC2 | — | — |
Aliases
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.