cbcvebase.
CVE-2024-6984
published 2024-07-29

CVE-2024-6984: An issue was discovered in Juju that resulted in the leak of the sensitive context ID, which allows a local unprivileged attacker to access other sensitive…

PriorityP412low3.8CVSS 3.1
AVLACLPRLUINSCCLINAN
EPSS
0.38%
29.7th percentile
An issue was discovered in Juju that resulted in the leak of the sensitive context ID, which allows a local unprivileged attacker to access other sensitive data or relation accessible to the local charm.

Affected

10 ranges
VendorProductVersion rangeFixed in
canonicaljuju>= 2.9 < 2.9.502.9.50
canonicaljuju>= 3.1 < 3.1.93.1.9
canonicaljuju>= 3.3 < 3.3.63.3.6
canonicaljuju>= 3.4 < 3.4.53.4.5
canonicaljuju>= 3.5 < 3.5.33.5.3
canonical_ltdjuju>= 2.9 < 2.9.502.9.50
canonical_ltdjuju>= 3.1 < 3.1.93.1.9
canonical_ltdjuju>= 3.3 < 3.3.53.3.5
canonical_ltdjuju>= 3.4 < 3.4.53.4.5
canonical_ltdjuju>= 3.5 < 3.5.33.5.3

CVSS provenance

nvdv3.13.8LOWCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
osv3.8LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.