
    10 vulnerabilities found for Juju by Canonical Ltd.

    CVE-2023-0092 (GCVE-0-2023-0092)

    Vulnerability from nvd – Published: 2025-01-31 01:41 – Updated: 2025-02-07 16:10
    Summary
    An authenticated user who has read access to the juju controller model may construct a remote request to download an arbitrary file from the controller's filesystem (path traversal, CWE-22). Read access to the controller model is itself a privileged role, which is why the vector is scored PR:H; the fix ships in 2.9.38 and 3.0.3.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    Canonical Ltd. Juju Affected: 2.9.22 , < 2.9.38 (semver)
    Affected: 3.0.0 , < 3.0.3 (semver)
    Affected: 2.9.38 , < 3.0.3 (semver) — note: this range starts at the 2.9 fix version given in the first range and, read literally, marks 2.9.38 and every later 2.9.x release as affected, contradicting that range; confirm against the linked GHSA before classifying patched 2.9 controllers as vulnerable.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-0092",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-07T16:10:08.920084Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-22",
                    "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-07T16:10:14.052Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "packageName": "juju",
              "platforms": [
                "Linux"
              ],
              "product": "Juju",
              "repo": "https://github.com/juju/juju",
              "vendor": "Canonical Ltd.",
              "versions": [
                {
                  "lessThan": "2.9.38",
                  "status": "affected",
                  "version": "2.9.22",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.0.3",
                  "status": "affected",
                  "version": "3.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.0.3",
                  "status": "affected",
                  "version": "2.9.38",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An authenticated user who has read access to the juju controller model, may construct a remote request to download an arbitrary file from the controller\u0027s filesystem."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-31T01:41:46.439Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/advisories/GHSA-x5rv-w9pm-8qp8"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/juju/juju/commit/ef803e2a13692d355b784b7da8b4b1f01dab1556"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2023-0092",
        "datePublished": "2025-01-31T01:41:46.439Z",
        "dateReserved": "2023-01-05T20:43:04.614Z",
        "dateUpdated": "2025-02-07T16:10:14.052Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-8038 (GCVE-0-2024-8038)

    Vulnerability from nvd – Published: 2024-10-02 10:12 – Updated: 2024-10-02 13:53
    Summary
    Vulnerable juju introspection abstract UNIX domain socket. The abstract UNIX domain socket used for agent introspection is reachable without authentication by any local process in the same network namespace; because abstract sockets have no filesystem path, file permissions do not gate connections to it. This enables denial-of-service attacks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-420 - Unprotected Alternate Channel
    Assigner
    References
    Impacted products
    Vendor Product Version
    Canonical Ltd. Juju Affected: 3.5 , < 3.5.4 (semver)
    Affected: 3.4 , < 3.4.6 (semver)
    Affected: 3.3 , < 3.3.7 (semver)
    Affected: 3.1 , < 3.1.10 (semver)
    Affected: 2.9 , < 2.9.51 (semver)
    Credits
    Harry Pidcock (finder), Harry Pidcock (remediation developer), Mark Esler (coordinator)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8038",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-02T13:52:58.112532Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-02T13:53:24.639Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "packageName": "juju",
              "platforms": [
                "Linux"
              ],
              "product": "Juju",
              "repo": "https://github.com/juju/juju",
              "vendor": "Canonical Ltd.",
              "versions": [
                {
                  "lessThan": "3.5.4",
                  "status": "affected",
                  "version": "3.5",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.4.6",
                  "status": "affected",
                  "version": "3.4",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.3.7",
                  "status": "affected",
                  "version": "3.3",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.1.10",
                  "status": "affected",
                  "version": "3.1",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.9.51",
                  "status": "affected",
                  "version": "2.9",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Harry Pidcock"
            },
            {
              "lang": "en",
              "type": "remediation developer",
              "value": "Harry Pidcock"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Mark Esler"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.9,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-420",
                  "description": "CWE-420",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-02T10:12:38.806Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/juju/juju/security/advisories/GHSA-xwgj-vpm9-q2rq"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://www.cve.org/CVERecord?id=CVE-2024-8038"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2024-8038",
        "datePublished": "2024-10-02T10:12:38.806Z",
        "dateReserved": "2024-08-21T01:05:01.458Z",
        "dateUpdated": "2024-10-02T13:53:24.639Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-8037 (GCVE-0-2024-8037)

    Vulnerability from nvd – Published: 2024-10-02 10:12 – Updated: 2024-11-01 15:31
    Summary
    Vulnerable juju hook tool abstract UNIX domain socket. When combined with the predictable JUJU_CONTEXT_ID weakness (CVE-2024-7558, also listed on this page), any user on the local system with access to the default network namespace may connect to the abstract socket @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket (where xxxx-yyyy is the unit's application name and number) and perform actions that are normally reserved to a juju charm.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    References
    Impacted products
    Vendor Product Version
    Canonical Ltd. Juju Affected: 3.5 , < 3.5.4 (semver)
    Affected: 3.4 , < 3.4.6 (semver)
    Affected: 3.3 , < 3.3.7 (semver)
    Affected: 3.1 , < 3.1.10 (semver)
    Affected: 2.9 , < 2.9.51 (semver)
    Credits
    Pedro Guimaraes (finder), Harry Pidcock (remediation developer), Mark Esler (coordinator)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8037",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-02T13:56:28.477251Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-276",
                    "description": "CWE-276 Incorrect Default Permissions",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-01T15:31:40.233Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "packageName": "juju",
              "platforms": [
                "Linux"
              ],
              "product": "Juju",
              "repo": "https://github.com/juju/juju",
              "vendor": "Canonical Ltd.",
              "versions": [
                {
                  "lessThan": "3.5.4",
                  "status": "affected",
                  "version": "3.5",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.4.6",
                  "status": "affected",
                  "version": "3.4",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.3.7",
                  "status": "affected",
                  "version": "3.3",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.1.10",
                  "status": "affected",
                  "version": "3.1",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.9.51",
                  "status": "affected",
                  "version": "2.9",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Pedro Guimaraes"
            },
            {
              "lang": "en",
              "type": "remediation developer",
              "value": "Harry Pidcock"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Mark Esler"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJU_CONTEXT_ID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a juju charm."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-02T10:12:32.318Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/juju/juju/security/advisories/GHSA-8v4w-f4r9-7h6x"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://www.cve.org/CVERecord?id=CVE-2024-8037"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2024-8037",
        "datePublished": "2024-10-02T10:12:32.318Z",
        "dateReserved": "2024-08-21T00:45:34.399Z",
        "dateUpdated": "2024-11-01T15:31:40.233Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7558 (GCVE-0-2024-7558)

    Vulnerability from nvd – Published: 2024-10-02 10:06 – Updated: 2024-10-02 13:59
    Summary
    JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to an abstract domain socket and guess the JUJU_CONTEXT_ID value. This gives the unprivileged user access to the same information and tools as the Juju charm. This is the JUJU_CONTEXT_ID weakness that CVE-2024-8037 (on this page) chains with; both are fixed in the same releases listed below.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-337 - Predictable Seed in Pseudo-Random Number Generator (PRNG)
    • CWE-340 - Generation of Predictable Numbers or Identifiers
    • CWE-1391 - Use of Weak Credentials
    Assigner
    References
    Impacted products
    Vendor Product Version
    Canonical Ltd. Juju Affected: 3.5 , < 3.5.4 (semver)
    Affected: 3.4 , < 3.4.6 (semver)
    Affected: 3.3 , < 3.3.7 (semver)
    Affected: 3.1 , < 3.1.10 (semver)
    Affected: 2.9 , < 2.9.51 (semver)
    Credits
    Harry Pidcock (finder), Harry Pidcock (remediation developer), Mark Esler (coordinator)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7558",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-02T13:58:28.823188Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-02T13:59:04.171Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "packageName": "juju",
              "platforms": [
                "Linux"
              ],
              "product": "Juju",
              "repo": "https://github.com/juju/juju",
              "vendor": "Canonical Ltd.",
              "versions": [
                {
                  "lessThan": "3.5.4",
                  "status": "affected",
                  "version": "3.5",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.4.6",
                  "status": "affected",
                  "version": "3.4",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.3.7",
                  "status": "affected",
                  "version": "3.3",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.1.10",
                  "status": "affected",
                  "version": "3.1",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.9.51",
                  "status": "affected",
                  "version": "2.9",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Harry Pidcock"
            },
            {
              "lang": "en",
              "type": "remediation developer",
              "value": "Harry Pidcock"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Mark Esler"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to an abstract domain socket and guess the JUJU_CONTEXT_ID value. This gives the unprivileged user access to the same information and tools as the Juju charm."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-337",
                  "description": "CWE-337: Predictable Seed in Pseudo-Random Number Generator (PRNG)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-340",
                  "description": "CWE-340: Generation of Predictable Numbers or Identifiers",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-1391",
                  "description": "CWE-1391: Use of Weak Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-02T10:06:31.098Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/juju/juju/security/advisories/GHSA-mh98-763h-m9v4"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://www.cve.org/CVERecord?id=CVE-2024-7558"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2024-7558",
        "datePublished": "2024-10-02T10:06:31.098Z",
        "dateReserved": "2024-08-06T13:45:13.579Z",
        "dateUpdated": "2024-10-02T13:59:04.171Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-6984 (GCVE-0-2024-6984)

    Vulnerability from nvd – Published: 2024-07-29 14:04 – Updated: 2024-08-01 21:45
    Summary
    An issue was discovered in Juju that resulted in the leak of the sensitive context ID through an error message (CWE-209), which allows a local unprivileged attacker to access other sensitive data or relations accessible to the local charm.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-209 - Generation of Error Message Containing Sensitive Information
    Assigner
    Impacted products
    Vendor Product Version
    Canonical Ltd. Juju Affected: 3.5 , < 3.5.3 (semver)
    Affected: 3.4 , < 3.4.5 (semver)
    Affected: 3.3 , < 3.3.5 (semver)
    Affected: 3.1 , < 3.1.9 (semver)
    Affected: 2.9 , < 2.9.50 (semver)
    canonical juju Affected: 2.9 , < 2.9.50 (semver)
    Affected: 3.1 , < 3.1.9 (custom)
    Affected: 3.3 , < 3.3.5 (custom)
    Affected: 3.4 , < 3.4.5 (custom)
    Affected: 3.5 , < 3.5.3 (custom)
        cpe:2.3:a:canonical:juju:*:*:*:*:*:*:*:*
    Credits
    Pedro Valverde Guimaraes (finder), Joe Phillips (remediation developer), Mark Esler (coordinator)

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:canonical:juju:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "juju",
                "vendor": "canonical",
                "versions": [
                  {
                    "lessThan": "2.9.50",
                    "status": "affected",
                    "version": "2.9",
                    "versionType": "semver"
                  },
                  {
                    "lessThan": "3.1.9",
                    "status": "affected",
                    "version": "3.1",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "3.3.5",
                    "status": "affected",
                    "version": "3.3",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "3.4.5",
                    "status": "affected",
                    "version": "3.4",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "3.5.3",
                    "status": "affected",
                    "version": "3.5",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6984",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-29T14:37:36.928450Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-29T14:41:50.531Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:45:38.419Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "patch",
                  "x_transferred"
                ],
                "url": "https://github.com/juju/juju/commit/da929676853092a29ddf8d589468cf85ba3efaf2"
              },
              {
                "tags": [
                  "issue-tracking",
                  "x_transferred"
                ],
                "url": "https://github.com/juju/juju/security/advisories/GHSA-6vjm-54vp-mxhx"
              },
              {
                "tags": [
                  "issue-tracking",
                  "x_transferred"
                ],
                "url": "https://www.cve.org/CVERecord?id=CVE-2024-6984"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "juju",
              "platforms": [
                "Linux",
                "MacOS",
                "Windows"
              ],
              "product": "Juju",
              "repo": "https://github.com/juju/juju",
              "vendor": "Canonical Ltd.",
              "versions": [
                {
                  "lessThan": "3.5.3",
                  "status": "affected",
                  "version": "3.5",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.4.5",
                  "status": "affected",
                  "version": "3.4",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.3.5",
                  "status": "affected",
                  "version": "3.3",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.1.9",
                  "status": "affected",
                  "version": "3.1",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.9.50",
                  "status": "affected",
                  "version": "2.9",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Pedro Valverde Guimaraes"
            },
            {
              "lang": "en",
              "type": "remediation developer",
              "value": "Joe Phillips"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Mark Esler"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in Juju that resulted in the leak of the sensitive context ID, which allows a local unprivileged attacker to access other sensitive data or relation accessible to the local charm."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-209",
                  "description": "CWE-209 Generation of Error Message Containing Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-29T14:04:05.925Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/juju/juju/commit/da929676853092a29ddf8d589468cf85ba3efaf2"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/juju/juju/security/advisories/GHSA-6vjm-54vp-mxhx"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://www.cve.org/CVERecord?id=CVE-2024-6984"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2024-6984",
        "datePublished": "2024-07-29T14:04:05.925Z",
        "dateReserved": "2024-07-22T21:29:24.954Z",
        "dateUpdated": "2024-08-01T21:45:38.419Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-0092 (GCVE-0-2023-0092)

    Vulnerability from cvelistv5 – Published: 2025-01-31 01:41 – Updated: 2025-02-07 16:10
    Summary
    An authenticated user who has read access to the Juju controller model may construct a remote request to download an arbitrary file from the controller's filesystem.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    Canonical Ltd. Juju Affected: 2.9.22 , < 2.9.38 (semver)
    Affected: 3.0.0 , < 3.0.3 (semver)
    Affected: 2.9.38 , < 3.0.3 (semver)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-0092",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-07T16:10:08.920084Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-22",
                    "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-07T16:10:14.052Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "packageName": "juju",
              "platforms": [
                "Linux"
              ],
              "product": "Juju",
              "repo": "https://github.com/juju/juju",
              "vendor": "Canonical Ltd.",
              "versions": [
                {
                  "lessThan": "2.9.38",
                  "status": "affected",
                  "version": "2.9.22",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.0.3",
                  "status": "affected",
                  "version": "3.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.0.3",
                  "status": "affected",
                  "version": "2.9.38",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An authenticated user who has read access to the juju controller model, may construct a remote request to download an arbitrary file from the controller\u0027s filesystem."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-31T01:41:46.439Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/advisories/GHSA-x5rv-w9pm-8qp8"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/juju/juju/commit/ef803e2a13692d355b784b7da8b4b1f01dab1556"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2023-0092",
        "datePublished": "2025-01-31T01:41:46.439Z",
        "dateReserved": "2023-01-05T20:43:04.614Z",
        "dateUpdated": "2025-02-07T16:10:14.052Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-8038 (GCVE-0-2024-8038)

    Vulnerability from cvelistv5 – Published: 2024-10-02 10:12 – Updated: 2024-10-02 13:53
    Summary
    Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Canonical Ltd. Juju Affected: 3.5 , < 3.5.4 (semver)
    Affected: 3.4 , < 3.4.6 (semver)
    Affected: 3.3 , < 3.3.7 (semver)
    Affected: 3.1 , < 3.1.10 (semver)
    Affected: 2.9 , < 2.9.51 (semver)
    Credits
    Harry Pidcock (finder), Harry Pidcock (remediation developer), Mark Esler (coordinator)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8038",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-02T13:52:58.112532Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-02T13:53:24.639Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "packageName": "juju",
              "platforms": [
                "Linux"
              ],
              "product": "Juju",
              "repo": "https://github.com/juju/juju",
              "vendor": "Canonical Ltd.",
              "versions": [
                {
                  "lessThan": "3.5.4",
                  "status": "affected",
                  "version": "3.5",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.4.6",
                  "status": "affected",
                  "version": "3.4",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.3.7",
                  "status": "affected",
                  "version": "3.3",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.1.10",
                  "status": "affected",
                  "version": "3.1",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.9.51",
                  "status": "affected",
                  "version": "2.9",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Harry Pidcock"
            },
            {
              "lang": "en",
              "type": "remediation developer",
              "value": "Harry Pidcock"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Mark Esler"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.9,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-420",
                  "description": "CWE-420",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-02T10:12:38.806Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/juju/juju/security/advisories/GHSA-xwgj-vpm9-q2rq"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://www.cve.org/CVERecord?id=CVE-2024-8038"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2024-8038",
        "datePublished": "2024-10-02T10:12:38.806Z",
        "dateReserved": "2024-08-21T01:05:01.458Z",
        "dateUpdated": "2024-10-02T13:53:24.639Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-8037 (GCVE-0-2024-8037)

    Vulnerability from cvelistv5 – Published: 2024-10-02 10:12 – Updated: 2024-11-01 15:31
    Summary
    Vulnerable Juju hook tool abstract UNIX domain socket. When combined with an attack on JUJU_CONTEXT_ID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a Juju charm.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    References
    Impacted products
    Vendor Product Version
    Canonical Ltd. Juju Affected: 3.5 , < 3.5.4 (semver)
    Affected: 3.4 , < 3.4.6 (semver)
    Affected: 3.3 , < 3.3.7 (semver)
    Affected: 3.1 , < 3.1.10 (semver)
    Affected: 2.9 , < 2.9.51 (semver)
    Credits
    Pedro Guimaraes (finder), Harry Pidcock (remediation developer), Mark Esler (coordinator)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8037",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-02T13:56:28.477251Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-276",
                    "description": "CWE-276 Incorrect Default Permissions",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-01T15:31:40.233Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "packageName": "juju",
              "platforms": [
                "Linux"
              ],
              "product": "Juju",
              "repo": "https://github.com/juju/juju",
              "vendor": "Canonical Ltd.",
              "versions": [
                {
                  "lessThan": "3.5.4",
                  "status": "affected",
                  "version": "3.5",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.4.6",
                  "status": "affected",
                  "version": "3.4",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.3.7",
                  "status": "affected",
                  "version": "3.3",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.1.10",
                  "status": "affected",
                  "version": "3.1",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.9.51",
                  "status": "affected",
                  "version": "2.9",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Pedro Guimaraes"
            },
            {
              "lang": "en",
              "type": "remediation developer",
              "value": "Harry Pidcock"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Mark Esler"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJU_CONTEXT_ID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a juju charm."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-02T10:12:32.318Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/juju/juju/security/advisories/GHSA-8v4w-f4r9-7h6x"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://www.cve.org/CVERecord?id=CVE-2024-8037"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2024-8037",
        "datePublished": "2024-10-02T10:12:32.318Z",
        "dateReserved": "2024-08-21T00:45:34.399Z",
        "dateUpdated": "2024-11-01T15:31:40.233Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7558 (GCVE-0-2024-7558)

    Vulnerability from cvelistv5 – Published: 2024-10-02 10:06 – Updated: 2024-10-02 13:59
    Summary
    JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to an abstract domain socket and guess the JUJU_CONTEXT_ID value. This gives the unprivileged user access to the same information and tools as the Juju charm.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-337 - Predictable Seed in Pseudo-Random Number Generator (PRNG)
    • CWE-340 - Generation of Predictable Numbers or Identifiers
    • CWE-1391 - Use of Weak Credentials
    Assigner
    References
    Impacted products
    Vendor Product Version
    Canonical Ltd. Juju Affected: 3.5 , < 3.5.4 (semver)
    Affected: 3.4 , < 3.4.6 (semver)
    Affected: 3.3 , < 3.3.7 (semver)
    Affected: 3.1 , < 3.1.10 (semver)
    Affected: 2.9 , < 2.9.51 (semver)
    Credits
    Harry Pidcock (finder), Harry Pidcock (remediation developer), Mark Esler (coordinator)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7558",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-02T13:58:28.823188Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-02T13:59:04.171Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "packageName": "juju",
              "platforms": [
                "Linux"
              ],
              "product": "Juju",
              "repo": "https://github.com/juju/juju",
              "vendor": "Canonical Ltd.",
              "versions": [
                {
                  "lessThan": "3.5.4",
                  "status": "affected",
                  "version": "3.5",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.4.6",
                  "status": "affected",
                  "version": "3.4",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.3.7",
                  "status": "affected",
                  "version": "3.3",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.1.10",
                  "status": "affected",
                  "version": "3.1",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.9.51",
                  "status": "affected",
                  "version": "2.9",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Harry Pidcock"
            },
            {
              "lang": "en",
              "type": "remediation developer",
              "value": "Harry Pidcock"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Mark Esler"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to an abstract domain socket and guess the JUJU_CONTEXT_ID value. This gives the unprivileged user access to the same information and tools as the Juju charm."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-337",
                  "description": "CWE-337: Predictable Seed in Pseudo-Random Number Generator (PRNG)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-340",
                  "description": "CWE-340: Generation of Predictable Numbers or Identifiers",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-1391",
                  "description": "CWE-1391: Use of Weak Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-02T10:06:31.098Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/juju/juju/security/advisories/GHSA-mh98-763h-m9v4"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://www.cve.org/CVERecord?id=CVE-2024-7558"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2024-7558",
        "datePublished": "2024-10-02T10:06:31.098Z",
        "dateReserved": "2024-08-06T13:45:13.579Z",
        "dateUpdated": "2024-10-02T13:59:04.171Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-6984 (GCVE-0-2024-6984)

    Vulnerability from cvelistv5 – Published: 2024-07-29 14:04 – Updated: 2024-08-01 21:45
    Summary
    An issue was discovered in Juju that resulted in the leak of the sensitive context ID, which allows a local unprivileged attacker to access other sensitive data or relations accessible to the local charm.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-209 - Generation of Error Message Containing Sensitive Information
    Assigner
    Impacted products
    Vendor Product Version
    Canonical Ltd. Juju Affected: 3.5 , < 3.5.3 (semver)
    Affected: 3.4 , < 3.4.5 (semver)
    Affected: 3.3 , < 3.3.5 (semver)
    Affected: 3.1 , < 3.1.9 (semver)
    Affected: 2.9 , < 2.9.50 (semver)
    canonical juju Affected: 2.9 , < 2.9.50 (semver)
    Affected: 3.1 , < 3.1.9 (custom)
    Affected: 3.3 , < 3.3.5 (custom)
    Affected: 3.4 , < 3.4.5 (custom)
    Affected: 3.5 , < 3.5.3 (custom)
        cpe:2.3:a:canonical:juju:*:*:*:*:*:*:*:*
    Credits
    Pedro Valverde Guimaraes (finder), Joe Phillips (remediation developer), Mark Esler (coordinator)

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:canonical:juju:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "juju",
                "vendor": "canonical",
                "versions": [
                  {
                    "lessThan": "2.9.50",
                    "status": "affected",
                    "version": "2.9",
                    "versionType": "semver"
                  },
                  {
                    "lessThan": "3.1.9",
                    "status": "affected",
                    "version": "3.1",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "3.3.5",
                    "status": "affected",
                    "version": "3.3",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "3.4.5",
                    "status": "affected",
                    "version": "3.4",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "3.5.3",
                    "status": "affected",
                    "version": "3.5",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6984",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-29T14:37:36.928450Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-29T14:41:50.531Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:45:38.419Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "patch",
                  "x_transferred"
                ],
                "url": "https://github.com/juju/juju/commit/da929676853092a29ddf8d589468cf85ba3efaf2"
              },
              {
                "tags": [
                  "issue-tracking",
                  "x_transferred"
                ],
                "url": "https://github.com/juju/juju/security/advisories/GHSA-6vjm-54vp-mxhx"
              },
              {
                "tags": [
                  "issue-tracking",
                  "x_transferred"
                ],
                "url": "https://www.cve.org/CVERecord?id=CVE-2024-6984"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "juju",
              "platforms": [
                "Linux",
                "MacOS",
                "Windows"
              ],
              "product": "Juju",
              "repo": "https://github.com/juju/juju",
              "vendor": "Canonical Ltd.",
              "versions": [
                {
                  "lessThan": "3.5.3",
                  "status": "affected",
                  "version": "3.5",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.4.5",
                  "status": "affected",
                  "version": "3.4",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.3.5",
                  "status": "affected",
                  "version": "3.3",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.1.9",
                  "status": "affected",
                  "version": "3.1",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.9.50",
                  "status": "affected",
                  "version": "2.9",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Pedro Valverde Guimaraes"
            },
            {
              "lang": "en",
              "type": "remediation developer",
              "value": "Joe Phillips"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "Mark Esler"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in Juju that resulted in the leak of the sensitive context ID, which allows a local unprivileged attacker to access other sensitive data or relations accessible to the local charm."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-209",
                  "description": "CWE-209 Generation of Error Message Containing Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-29T14:04:05.925Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/juju/juju/commit/da929676853092a29ddf8d589468cf85ba3efaf2"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/juju/juju/security/advisories/GHSA-6vjm-54vp-mxhx"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://www.cve.org/CVERecord?id=CVE-2024-6984"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2024-6984",
        "datePublished": "2024-07-29T14:04:05.925Z",
        "dateReserved": "2024-07-22T21:29:24.954Z",
        "dateUpdated": "2024-08-01T21:45:38.419Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }