Description
Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks.
CVSS Metrics
- Vector
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H
- Attack Vector
- local
- Complexity
- low
- Privileges
- low
- User Action
- none
- Scope
- changed
- Confidentiality
- low
- Integrity
- low
- Availability
- high
- Weaknesses
- CWE-420NVD-CWE-noinfo
Metadata
- Primary Vendor
- CANONICAL
- Published
- 10/2/2024
- Last Modified
- 8/26/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
canonical : jujucanonical : jujucanonical : jujucanonical : jujucanonical : jujucanonical : juju
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.