Critical severity9.8NVD Advisory· Published May 28, 2017· Updated Jun 17, 2026
CVE-2017-9232
CVE-2017-9232
Description
Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without setting appropriate permissions, allowing privilege escalation by users on the system to root.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/juju/jujuGo | < 0.0.0-20170524231039-0417178a3c28 | 0.0.0-20170524231039-0417178a3c28 |
Affected products
40cpe:2.3:a:canonical:juju:*:*:*:*:*:*:*:*+ 37 more
- cpe:2.3:a:canonical:juju:*:*:*:*:*:*:*:*range: <=1.25.12
- cpe:2.3:a:canonical:juju:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:alpha1:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:alpha2:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:beta10:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:beta11:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:beta12:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:beta13:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:beta14:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:beta15:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:beta16:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:beta17:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:beta18:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:beta5:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:beta6:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:beta7:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:beta8:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:beta9:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.1.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.1.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.1.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.1.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.1.0:beta5:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.1.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.1.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:juju:2.1.2:*:*:*:*:*:*:*
- ghsa-coords2 versions
< 0.0.0-20170524231039-0417178a3c28+ 1 more
- (no CPE)range: < 0.0.0-20170524231039-0417178a3c28
- (no CPE)range: < 0.0.20250424T181457-1.1
Patches
Vulnerability mechanics
References
7- bugs.launchpad.net/juju/+bug/1682411nvdExploitIssue TrackingThird Party AdvisoryWEB
- www.securityfocus.com/bid/98737nvdThird Party AdvisoryVDB Entry
- github.com/advisories/GHSA-j3hp-pv6v-rgrxghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-9232ghsaADVISORY
- github.com/juju/juju/commit/0417178a3c2869537860e8b3b5e787ce1732231fghsaWEB
- www.exploit-db.com/exploits/44023ghsaWEB
- www.exploit-db.com/exploits/44023/nvd
News mentions
0No linked articles in our index yet.