Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS02dmptLTU0dnAtbXhoeM4AA-YR
Juju's unprivileged user running on charm node can leak any secret or relation data accessible to the local charm
An issue was discovered in Juju that resulted in the leak of the sensitive context ID, which allows a local unprivileged attacker to access other sensitive data or relation accessible to the local charm. A potential exploit where a user can run a bash loop attempting to execute hook tools. If running while another hook is executing, we log an error with the context ID, making it possible for the user to then use that ID in a following call successfully. This means an unprivileged user can access anything available via a hook tool such as config, relation data and secrets.
Permalink: https://github.com/advisories/GHSA-6vjm-54vp-mxhxJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS02dmptLTU0dnAtbXhoeM4AA-YR
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: 4 months ago
Updated: 4 months ago
CVSS Score: 8.8
CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Identifiers: GHSA-6vjm-54vp-mxhx
References:
- https://github.com/juju/juju/security/advisories/GHSA-6vjm-54vp-mxhx
- https://nvd.nist.gov/vuln/detail/CVE-2024-6984
- https://github.com/juju/juju/commit/da929676853092a29ddf8d589468cf85ba3efaf2
- https://pkg.go.dev/vuln/GO-2024-3010
- https://pkg.go.dev/vuln/GO-2024-3040
- https://github.com/advisories/GHSA-6vjm-54vp-mxhx
Blast Radius: 9.8
Affected Packages
go:github.com/juju/juju
Dependent packages: 12Dependent repositories: 13
Downloads:
Affected Version Ranges: >= 3.5.0, < 3.5.3, >= 3.4.0, < 3.4.5, >= 3.2.0, < 3.3.6, >= 3.0.0, < 3.1.9, < 2.9.50
Fixed in: 3.5.3, 3.4.5, 3.3.6, 3.1.9, 2.9.50
All affected versions:
All unaffected versions: