Juju prior to 1.25.12, 2.0.x prior to 2.0.4, and 2.1.x prior to 2.1.3 uses a UNIX domain socket without setting appropriate permissions, allowing privilege escalation by users on the system to root.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
canonical juju 2.1.0 |
||
canonical juju 2.0.0 |
||
canonical juju |
||
canonical juju 2.1.1 |
||
canonical juju 2.0.2 |
||
canonical juju 2.0.1 |
||
canonical juju 2.1.2 |
||
canonical juju 2.0.3 |