How can we help?

SUDO Vulnerability CVE-2021-3156


Netsweeper is aware of CVE-2021-3156 regarding unauthorized SUDO privilege elevation and has taken action to mitigate this issue.

While this CVE is a serious SUDO focused vulnerability, it is import to note that users typically do not have direct and unrestricted access to the SUDO tool. Because the SUDO tool is used by some system services, it is important to upgrade regardless to remove potentially unknown attack vectors. Successful exploitation of this vulnerability allows any unprivileged user to gain root privileges on the vulnerable host to this end, it is recommended that:

For new installs, please note that Netweeper 7.1.5 and above includes this fix.

For existing/older releases, customers should apply the following patches:

Upgrade any Netsweeper release based on el6

Upgrade any Netsweeper release based on el8

For more information on this vulnerability, please see:

NIST Entry: NVD - CVE-2021-3156 (

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request