USN-3300-1

Advisory lineage Upstream: 2 Downstream: 0
Published: 26 May 2017, 20:40
Last modified:04 Feb 2026, 03:03

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

26 May 2017, 20:40
Published
Vulnerability first disclosed
04 Feb 2026, 03:03
Last Modified
Vulnerability information updated

Description

juju-core vulnerability Ryan Beisner discovered juju did not set permissions on a Unix domain socket. A local attacker could use this flaw to gain administrative privileges.

Affected Systems

  • ubuntujuju-core

    < 1.25.6-0ubuntu1.14.04.2 | < 2.0.2-0ubuntu0.16.04.2

References (2)