Lucene search
HistoryJul 29, 2024 - 2:15 p.m.
CVE-2024-6984
juju
unauthorized access
sensitive data
context id
local attacker
local charm
CVSS3
3.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
EPSS
0
Percentile
16.2%
An issue was discovered in Juju that resulted in the leak of the sensitive context ID, which allows a local unprivileged attacker to access other sensitive data or relation accessible to the local charm.
Affected configurations
Node
canonicaljujuRange2.9–2.9.50
ORcanonicaljujuRange3.1–3.1.9
ORcanonicaljujuRange3.3–3.3.6
ORcanonicaljujuRange3.4–3.4.5
ORcanonicaljujuRange3.5–3.5.3
Related
osv
osv
CVE-2024-6984 in github.com/juju/juju
2024-08-06 22:03:16
CVE-2024-6984
2024-07-29 14:15:04
ubuntucve
ubuntucve
CVE-2024-6984
2024-07-29 00:00:00
cvelist
cvelist
CVE-2024-6984
2024-07-29 14:04:05
cve
cve
CVE-2024-6984
2024-07-29 14:15:04
veracode
veracode
Sensitive Information Exposure
2024-07-30 19:39:49
vulnrichment
vulnrichment
CVE-2024-6984
2024-07-29 14:04:05
CVSS3
3.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
EPSS
0
Percentile
16.2%
Related for NVD:CVE-2024-6984