Hashicorp · Vagrant · CVE-2022-42717
**Name of the Vulnerable Software and Affected Versions**
Hashicorp Packer versions prior to 2.3.1
**Description**
An issue was discovered in the recommended sudoers configuration for Vagrant on Linux, which is insecure. Non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute arbitrary commands as root.
**Recommendations**
For Hashicorp Packer versions prior to 2.3.1, update to version 2.3.1 or later to resolve the issue. As a temporary workaround, consider reviewing and restricting the sudoers configuration to minimize the risk of exploitation.