Local Access to Unauthorized Introspection Abstract UNIX Domain Socket Leads to Service Denial
CVE-2024-8038
Currently unrated
Key Information:
- Vendor
- juju
- Vendor
- CVE Published:
- 2 October 2024
Summary
A vulnerability exists in the Juju software related to an abstract UNIX domain socket that handles introspection processes. This socket is accessible locally by users within the same network namespace without requiring authentication. As a result, this flaw allows attackers to potentially disrupt services through denial of service attacks, compromising the reliability and availability of the software.
References
Timeline
Vulnerability published