Detections
Analytics

CVE-2024-8038

medium

Description

Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks.

References

https://www.cve.org/CVERecord?id=CVE-2024-8038

https://github.com/juju/juju/security/advisories/GHSA-xwgj-vpm9-q2rq

Details

Source: Mitre, NVD

Published: 2024-10-02

Updated: 2024-10-04

Risk Information

CVSS v2

Base Score: 5.7

Vector: CVSS2#AV:L/AC:L/Au:S/C:P/I:P/A:C

Severity: Medium

CVSS v3

Base Score: 7.9

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H

Severity: High

CVSS v4

Base Score: 6.2

Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:H/SA:H

Severity: Medium

EPSS

EPSS: 0.00078