VDB

CISA-2024-8038

CISA-2024-8038 PUBLISHED CVSS 7.9 HIGH

Reported by canonical · Published October 2, 2024

Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks.

Risk Scores

CVSS 3.1
7.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H

Affected Products

VendorProductVersions
Canonical Ltd.Juju3.5, 3.4, 3.3
Canonical Ltd.Juju3.5, 3.4, 3.1

Timeline

  • Oct 2, 2024 CVE Published
  • Oct 2, 2024 CVE Updated

References

  • issue-tracking
  • issue-tracking
Open in Interactive Console →
$ Console Community · 100/wk Open console ›