Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks.
https://www.cve.org/CVERecord?id=CVE-2024-8038
https://github.com/juju/juju/security/advisories/GHSA-xwgj-vpm9-q2rq
Published: 2024-10-02
Updated: 2024-10-04
Base Score: 5.7
Vector: CVSS2#AV:L/AC:L/Au:S/C:P/I:P/A:C
Severity: Medium
Base Score: 7.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H
Severity: High
Base Score: 6.2
Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:H/SA:H
Severity: Medium
EPSS: 0.00078