References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Change History

Canonical Ltd. AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H

Canonical Ltd. CWE-1391

Canonical Ltd. CWE-337

Canonical Ltd. CWE-340

JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to an abstract domain socket and guess the JUJU_CONTEXT_ID value. This gives the unprivileged user access to the same information and tools as the Juju charm.

Canonical Ltd. https://github.com/juju/juju/security/advisories/GHSA-mh98-763h-m9v4 [No types assigned]

Canonical Ltd. https://www.cve.org/CVERecord?id=CVE-2024-7558 [No types assigned]