CVE-2017-9232
EUVD-2017-1817028.05.2017, 00:29
Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without setting appropriate permissions, allowing privilege escalation by users on the system to root.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| canonical | juju | 𝑥 ≤ 1.25.12 |
| canonical | juju | 2.0.0 |
| canonical | juju | 2.0.0:alpha1 |
| canonical | juju | 2.0.0:alpha2 |
| canonical | juju | 2.0.0:beta1 |
| canonical | juju | 2.0.0:beta10 |
| canonical | juju | 2.0.0:beta11 |
| canonical | juju | 2.0.0:beta12 |
| canonical | juju | 2.0.0:beta13 |
| canonical | juju | 2.0.0:beta14 |
| canonical | juju | 2.0.0:beta15 |
| canonical | juju | 2.0.0:beta16 |
| canonical | juju | 2.0.0:beta17 |
| canonical | juju | 2.0.0:beta18 |
| canonical | juju | 2.0.0:beta2 |
| canonical | juju | 2.0.0:beta3 |
| canonical | juju | 2.0.0:beta4 |
| canonical | juju | 2.0.0:beta5 |
| canonical | juju | 2.0.0:beta6 |
| canonical | juju | 2.0.0:beta7 |
| canonical | juju | 2.0.0:beta8 |
| canonical | juju | 2.0.0:beta9 |
| canonical | juju | 2.0.0:rc1 |
| canonical | juju | 2.0.0:rc2 |
| canonical | juju | 2.0.0:rc3 |
| canonical | juju | 2.0.1 |
| canonical | juju | 2.0.2 |
| canonical | juju | 2.0.3 |
| canonical | juju | 2.1.0 |
| canonical | juju | 2.1.0:beta1 |
| canonical | juju | 2.1.0:beta2 |
| canonical | juju | 2.1.0:beta3 |
| canonical | juju | 2.1.0:beta4 |
| canonical | juju | 2.1.0:beta5 |
| canonical | juju | 2.1.0:rc1 |
| canonical | juju | 2.1.0:rc2 |
| canonical | juju | 2.1.1 |
| canonical | juju | 2.1.2 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| juju-core |
| ||||||||
| juju-core-1 |
|
Common Weakness Enumeration