CVE-2025-53512 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-53512 PUBLISHED CVSS 6.5 MEDIUM

The /log endpoint on a Juju controller lacked sufficient authorization checks, allowing unauthorized users to access debug messages that could contain sensitive information.

EPSS 0.08% · 22.9th percentile

Risk Scores

CVSS v3.1

6.5

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS Score

0.08%

22.9th percentile

Affected Products

Vendor	Product	Versions
canonical	juju	0, 3.0
Canonical	Juju	2.0.0, 3.0.0
github.com	juju/juju	0

Timeline

Jul 8, 2025 CVE Published
Jul 9, 2025 EPSS Score
Jul 9, 2025 Coalition ESS Score
Jul 10, 2025 Coalition ESS Score
Jul 18, 2025 EPSS Score
Jul 27, 2025 EPSS Score
Aug 5, 2025 EPSS Score
Aug 14, 2025 EPSS Score
Aug 23, 2025 EPSS Score
Aug 26, 2025 Coalition ESS Score
Aug 26, 2025 Coalition ESS Score
Aug 27, 2025 Coalition ESS Score

References

Open in Interactive Console →