CVE-2014-4870

Name of the Vulnerable Software and Affected Versions Brocade Vyatta 5400 vRouter versions 6.4R(x) through 6.7R1

Description The issue is related to the /opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl script, which does not properly validate parameters. This allows local users to gain privileges by leveraging the sudo configuration.

Recommendations For Brocade Vyatta 5400 vRouter versions 6.4R(x) through 6.7R1, consider restricting access to the vyatta-clear-dhcp-lease.pl script until a proper fix is available. As a temporary workaround, review and restrict the sudo configuration to minimize the risk of exploitation.