CVE-2024-8038 HIGH

CVE-2024-8038

Vendor Canonical Ltd.
Product Juju
Weakness CWE-420
Published October 2, 2024
Last update October 2, 2024

CVSS base score

7.9/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H

What the vulnerability does

01Description

Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks.

Key dates

02Disclosure timeline

October 2, 2024 CVE published
October 2, 2024 Record updated