cbcvebase.
CVE-2024-8038
published 2024-10-02

CVE-2024-8038: Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication…

PriorityP420medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
EPSS
0.21%
11.2th percentile
Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks.

Affected

12 ranges
VendorProductVersion rangeFixed in
canonicaljuju< 2.9.512.9.51
canonicaljuju>= 3.1.0 < 3.1.103.1.10
canonicaljuju3.2.0 – 3.2.4
canonicaljuju>= 3.3 < 3.3.73.3.7
canonicaljuju>= 3.4 < 3.4.63.4.6
canonicaljuju>= 3.5.0 < 3.5.43.5.4
canonical_ltdjuju>= 2.9 < 2.9.512.9.51
canonical_ltdjuju>= 3.1 < 3.1.103.1.10
canonical_ltdjuju>= 3.3 < 3.3.73.3.7
canonical_ltdjuju>= 3.4 < 3.4.63.4.6
canonical_ltdjuju>= 3.5 < 3.5.43.5.4
github.comjuju_juju>= 0 < 0.0.0-20240829052008-43f0fc59790d0.0.0-20240829052008-43f0fc59790d
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.