Attackers can exploit vulnerability in Juju hook tool to gain access to restrictive actions
CVE-2024-8037

6.5MEDIUM

Key Information:

Vendor: Canonical Ltd.
Status: Juju
Vendor: CVE Published:; 2 October 2024

Summary

A local authorization bypass vulnerability exists in the Juju hook tool due to improper handling of UNIX domain sockets. This flaw allows any user on the local system with access to the default network namespace to connect to the agent socket located at @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket. By leveraging this vulnerability in conjunction with a specific JUJU_CONTEXT_ID, the attacker can perform actions typically restricted to Juju charms, potentially compromising the security of the affected Juju deployments.

Affected Version(s)

Juju Linux 3.5 < 3.5.4

Juju Linux 3.4 < 3.4.6

Juju Linux 3.3 < 3.3.7

References

https://github.com/juju/juju/security/advisories/GHSA-8v4...

issue-tracking

https://www.cve.org/CVERecord?id=CVE-2024-8037

issue-tracking

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 2, 2024

Credit

Pedro Guimaraes

Harry Pidcock

Mark Esler