CVE-2024-8037
published 2024-10-02

Priority: P429 | medium | 6.5 (CVSS 3.1)
Vector: AV:L / AC:H / PR:L / UI:N / S:U / C:L / I:H / A:H
EPSS: 0.18% (8.3th percentile)
Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJU_CONTEXT_ID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a juju charm.

Affected

12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | juju | < 2.9.51 | 2.9.51 |
| canonical | juju | >= 3.1.0 < 3.1.10 | 3.1.10 |
| canonical | juju | 3.2.0 – 3.2.4 | |
| canonical | juju | >= 3.3.0 < 3.3.7 | 3.3.7 |
| canonical | juju | >= 3.4 < 3.4.6 | 3.4.6 |
| canonical | juju | >= 3.5.0 < 3.5.4 | 3.5.4 |
| canonical_ltd | juju | >= 2.9 < 2.9.51 | 2.9.51 |
| canonical_ltd | juju | >= 3.1 < 3.1.10 | 3.1.10 |
| canonical_ltd | juju | >= 3.3 < 3.3.7 | 3.3.7 |
| canonical_ltd | juju | >= 3.4 < 3.4.6 | 3.4.6 |
| canonical_ltd | juju | >= 3.5 < 3.5.4 | 3.5.4 |
| github.com | juju_juju | >= 0 < 0.0.0-20240820065804-2f2ec128ef5a | 0.0.0-20240820065804-2f2ec128ef5a |

CVSS provenance

nvd: v3.1, 6.5 MEDIUM, CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
vendor_redhat: 5.5 MEDIUM