CVE-2024-7558
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-7558
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-7558.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-7558
- Aliases
- Downstream
- Related
- Published
- 2024-10-02T11:15:11Z
- Modified
- 2025-08-27T09:01:16.761474Z
- Severity
-
- 8.0 (High) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
JUJUCONTEXTID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to an abstract domain socket and guess the JUJUCONTEXTID value. This gives the unprivileged user access to the same information and tools as the Juju charm.
- References
Affected packages
Git / github.com/juju/juju
Affected ranges
- Type
- GIT
- Repo
- https://github.com/juju/juju
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
2.*
2.8-rc1
2.8.0
Other
juju-
juju-1.*
juju-1.19.3
juju-1.19.4
juju-1.21-alpha1
juju-1.21-alpha2
juju-1.21-alpha3
juju-1.24-alpha1
juju-1.24-beta1
juju-1.24-beta2
juju-1.24-beta3
juju-1.24-beta4
juju-1.24-beta5
juju-1.24-beta6
juju-1.25-alpha1
juju-1.25-beta1
juju-1.25.0
juju-1.26-alpha1
juju-1.26-alpha2
juju-1.26-alpha3
juju-2.*
juju-2.0-alpha1
juju-2.0-alpha2
juju-2.0-beta1
juju-2.0-beta10
juju-2.0-beta11
juju-2.0-beta12
juju-2.0-beta13
juju-2.0-beta14
juju-2.0-beta15
juju-2.0-beta16
juju-2.0-beta17
juju-2.0-beta18
juju-2.0-beta2
juju-2.0-beta3
juju-2.0-beta4
juju-2.0-beta5
juju-2.0-beta6
juju-2.0-beta7
juju-2.0-beta8
juju-2.0-beta9
juju-2.0-rc1
juju-2.0-rc2
juju-2.0-rc3
juju-2.0.0
juju-2.1-beta1
juju-2.1-beta2
juju-2.1-beta3
juju-2.1-beta4
juju-2.1-beta5
juju-2.1-rc1
juju-2.1-rc2
juju-2.1.0
juju-2.1.1
juju-2.1.2
juju-2.2-alpha1
juju-2.2-beta1
juju-2.2-beta2
juju-2.2-beta3
juju-2.2-beta4
juju-2.2-rc1
juju-2.2-rc2
juju-2.2-rc3
juju-2.2.0
juju-2.2.1
juju-2.2.2
juju-2.2.3
juju-2.2.4
juju-2.2.5
juju-2.2.6
juju-2.2.7
juju-2.2.8
juju-2.2.9
juju-2.3-beta1
juju-2.3-beta2
juju-2.3-beta3
juju-2.3-rc1
juju-2.3-rc2
juju-2.3.0
juju-2.3.1
juju-2.3.2
juju-2.3.3
juju-2.3.4
juju-2.3.5
juju-2.3.6
juju-2.3.7
juju-2.3.8
juju-2.3.9
juju-2.4-beta1
juju-2.4-beta2
juju-2.4-beta3
juju-2.4-rc1
juju-2.4-rc2
juju-2.4-rc3
juju-2.4.0
juju-2.4.1
juju-2.4.2
juju-2.4.3
juju-2.4.4
juju-2.4.5
juju-2.4.6
juju-2.4.7
juju-2.5-beta1
juju-2.5-beta2
juju-2.5-beta3
juju-2.5-rc1
juju-2.5-rc2
juju-2.5.0
juju-2.5.1
juju-2.5.2
juju-2.5.3
juju-2.5.4
juju-2.5.5
juju-2.5.6
juju-2.5.7
juju-2.5.8
juju-2.6-beta1
juju-2.6-beta2
juju-2.6-rc1
juju-2.6-rc2
juju-2.6.0
juju-2.6.1
juju-2.6.10
juju-2.6.2
juju-2.6.3
juju-2.6.4
juju-2.6.5
juju-2.6.6
juju-2.6.7
juju-2.6.9
juju-2.7-beta1
juju-2.7-rc1
juju-2.7-rc2
juju-2.7-rc3
juju-2.7-rc4
juju-2.7-rc5
juju-2.7-rc6
juju-2.7.0
juju-2.7.1
juju-2.7.2
juju-2.7.3
juju-2.7.4
juju-2.7.5
juju-2.7.6
juju-2.7.7
juju-2.8-beta1
juju-2.8-rc1
juju-2.8-rc2
juju-2.8-rc3
juju-2.8.0
juju-2.8.1
juju-2.8.10
juju-2.8.11
juju-2.8.2
juju-2.8.3
juju-2.8.4
juju-2.8.5
juju-2.8.6
juju-2.8.7
juju-2.8.8
juju-2.8.9
juju-2.9-beta1
juju-2.9-rc1
juju-2.9-rc10
juju-2.9-rc11
juju-2.9-rc12
juju-2.9-rc2
juju-2.9-rc3
juju-2.9-rc4
juju-2.9-rc5
juju-2.9-rc6
juju-2.9-rc7
juju-2.9-rc8
juju-2.9-rc9
juju-2.9.0
juju-2.9.1
juju-2.9.10
juju-2.9.11
juju-2.9.12
juju-2.9.13
juju-2.9.14
juju-2.9.15
juju-2.9.16
juju-2.9.17
juju-2.9.18
juju-2.9.19
juju-2.9.2
juju-2.9.20
juju-2.9.21
juju-2.9.22
juju-2.9.23
juju-2.9.24
juju-2.9.25
juju-2.9.26
juju-2.9.27
juju-2.9.28
juju-2.9.29
juju-2.9.3
juju-2.9.30
juju-2.9.31
juju-2.9.32
juju-2.9.33
juju-2.9.34
juju-2.9.35
juju-2.9.36
juju-2.9.37
juju-2.9.38
juju-2.9.39
juju-2.9.4
juju-2.9.40
juju-2.9.41
juju-2.9.42
juju-2.9.43
juju-2.9.44
juju-2.9.5
juju-2.9.6
juju-2.9.7
juju-2.9.8
juju-2.9.9
v2.*
v2.9.45
v2.9.46
v2.9.47
v2.9.48
v2.9.49