CVE-2017-9232

CVE Database · CVE-2017-9232

CVE-2017-9232

· N/AModified

CVSS v3.1

N/A

EPSS

48.50%

Published

May 27, 2017

Modified

May 12, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBJuju-run Agent - Privilege Escalation (Metasploit)TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without setting appropriate permissions, allowing privilege escalation by users on the system to root.

Weaknesses (CWE)

CWE-862

Affected Products (38)

canonical · jujuvulnerable

References (6)

http://www.securityfocus.com/bid/98737

Third Party AdvisoryVDB Entry

https://bugs.launchpad.net/juju/+bug/1682411

ExploitIssue TrackingThird Party Advisory

https://www.exploit-db.com/exploits/44023/

http://www.securityfocus.com/bid/98737

Third Party AdvisoryVDB Entry

https://bugs.launchpad.net/juju/+bug/1682411

ExploitIssue TrackingThird Party Advisory

https://www.exploit-db.com/exploits/44023/

KEV Catalog EPSS Scores Vendors All CVEs