CVE-2024-7558
published 2024-10-02CVE-2024-7558: JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the…
PriorityP343high8CVSS 3.1
AVAACLPRLUINSUCHIHAH
EPSS
0.50%
39.1th percentile
JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to an abstract domain socket and guess the JUJU_CONTEXT_ID value. This gives the unprivileged user access to the same information and tools as the Juju charm.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | juju | < 2.9.51 | 2.9.51 |
| canonical | juju | >= 3.1.0 < 3.1.10 | 3.1.10 |
| canonical | juju | >= 3.2.0 < 3.2.4 | 3.2.4 |
| canonical | juju | >= 3.3.0 < 3.3.7 | 3.3.7 |
| canonical | juju | >= 3.4 < 3.4.6 | 3.4.6 |
| canonical | juju | >= 3.5.0 < 3.5.4 | 3.5.4 |
| canonical_ltd | juju | >= 2.9 < 2.9.51 | 2.9.51 |
| canonical_ltd | juju | >= 3.1 < 3.1.10 | 3.1.10 |
| canonical_ltd | juju | >= 3.3 < 3.3.7 | 3.3.7 |
| canonical_ltd | juju | >= 3.4 < 3.4.6 | 3.4.6 |
| canonical_ltd | juju | >= 3.5 < 3.5.4 | 3.5.4 |
| github.com | juju_juju | >= 0 < 0.0.0-20240826044107-ecd7e2d0e986 | 0.0.0-20240826044107-ecd7e2d0e986 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
JUJU_CONTEXT_ID is a predictable authentication secret in github.com/juju/juju
osv·2024-10-09
CVE-2024-7558 JUJU_CONTEXT_ID is a predictable authentication secret in github.com/juju/juju
JUJU_CONTEXT_ID is a predictable authentication secret in github.com/juju/juju
JUJU_CONTEXT_ID is a predictable authentication secret in github.com/juju/juju
GHSA
JUJU_CONTEXT_ID is a predictable authentication secret
ghsa·2024-10-03
CVE-2024-7558 [MEDIUM] CWE-1391 JUJU_CONTEXT_ID is a predictable authentication secret
JUJU_CONTEXT_ID is a predictable authentication secret
`JUJU_CONTEXT_ID` is the authentication measure on the unit hook tool abstract domain socket. It looks like `JUJU_CONTEXT_ID=appname/0-update-status-6073989428498739633`.
This value looks fairly unpredictable, but due to the random source used, it is highly predictable.
`JUJU_CONTEXT_ID` has the following components:
- the application name
- the unit number
- the hook being currently run
- a uint63 decimal number
On a system the application name and unit number can be deduced by reading the structure of the filesystem.
The current hook being run is not easily deduce-able, but is a limited set of possible values, so one could try them all.
Finally the random number, this is generated from a non cryptographically secure random source
OSV
JUJU_CONTEXT_ID is a predictable authentication secret
osv·2024-10-03
CVE-2024-7558 [MEDIUM] JUJU_CONTEXT_ID is a predictable authentication secret
JUJU_CONTEXT_ID is a predictable authentication secret
`JUJU_CONTEXT_ID` is the authentication measure on the unit hook tool abstract domain socket. It looks like `JUJU_CONTEXT_ID=appname/0-update-status-6073989428498739633`.
This value looks fairly unpredictable, but due to the random source used, it is highly predictable.
`JUJU_CONTEXT_ID` has the following components:
- the application name
- the unit number
- the hook being currently run
- a uint63 decimal number
On a system the application name and unit number can be deduced by reading the structure of the filesystem.
The current hook being run is not easily deduce-able, but is a limited set of possible values, so one could try them all.
Finally the random number, this is generated from a non cryptographically secure random source
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-10-02
Published