{"id":"CVE-2017-9232","details":"Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without setting appropriate permissions, allowing privilege escalation by users on the system to root.","aliases":["GHSA-j3hp-pv6v-rgrx","GO-2025-3639"],"modified":"2026-04-10T04:02:27.483031Z","published":"2017-05-28T00:29:00.453Z","related":["openSUSE-SU-2025:15033-1"],"references":[{"type":"WEB","url":"https://www.exploit-db.com/exploits/44023/"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/98737"},{"type":"REPORT","url":"https://bugs.launchpad.net/juju/+bug/1682411"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/juju/juju","events":[{"introduced":"0"},{"last_affected":"143d53377f5e41ad1da0fd6f357a733d1b7cd18d"},{"introduced":"0"},{"last_affected":"6cf1bc9d917a4c56d0034fd6e0d6f394d6eddb6e"},{"introduced":"0"},{"last_affected":"8fcc982d69050a17561d6c2e89979124ec8c23c4"},{"introduced":"0"},{"last_affected":"a83896d913d7e43c960e441c1e41612116d92d46"},{"introduced":"0"},{"last_affected":"ed71a1053aef1291696d6aee662725ba601e6ba3"},{"introduced":"0"},{"last_affected":"2831158d2c09328719883c432211bb6a8de07c7a"},{"introduced":"0"},{"last_affected":"53789527c5223644aa0c618bfa885a4da72b7d7d"},{"introduced":"0"},{"last_affected":"7f85784eaf0f9df9e5d95ff6766d81a9e0076472"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.25.12"},{"introduced":"0"},{"last_affected":"2.0.0"},{"introduced":"0"},{"last_affected":"2.0.1"},{"introduced":"0"},{"last_affected":"2.0.2"},{"introduced":"0"},{"last_affected":"2.0.3"},{"introduced":"0"},{"last_affected":"2.1.0"},{"introduced":"0"},{"last_affected":"2.1.1"},{"introduced":"0"},{"last_affected":"2.1.2"}]}}],"versions":["juju-1.19.3","juju-1.19.4","juju-1.21-alpha1","juju-1.21-alpha2","juju-1.21-alpha3","juju-1.25-alpha1","juju-1.25-beta1","juju-1.25.0","juju-1.25.1","juju-1.25.10","juju-1.25.11","juju-1.25.12","juju-1.25.2","juju-1.25.3","juju-1.25.4","juju-1.25.5","juju-1.25.6","juju-1.25.7","juju-1.25.8","juju-1.25.9","juju-1.26-alpha1","juju-1.26-alpha2","juju-1.26-alpha3","juju-2.0-alpha1","juju-2.0-alpha2","juju-2.0-beta1","juju-2.0-beta10","juju-2.0-beta11","juju-2.0-beta12","juju-2.0-beta13","juju-2.0-beta14","juju-2.0-beta15","juju-2.0-beta16","juju-2.0-beta17","juju-2.0-beta18","juju-2.0-beta2","juju-2.0-beta3","juju-2.0-beta4","juju-2.0-beta5","juju-2.0-beta6","juju-2.0-beta7","juju-2.0-beta8","juju-2.0-beta9","juju-2.0-rc1","juju-2.0-rc2","juju-2.0-rc3","juju-2.0.0","juju-2.0.1","juju-2.0.2","juju-2.0.3","juju-2.1-beta1","juju-2.1-beta2","juju-2.1-beta3","juju-2.1-beta4","juju-2.1-beta5","juju-2.1-rc1","juju-2.1-rc2","juju-2.1.0","juju-2.1.1","juju-2.1.2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9232.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"2.0.0-alpha1"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-alpha2"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-beta1"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-beta10"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-beta11"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-beta12"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-beta13"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-beta14"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-beta15"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-beta16"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-beta17"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-beta18"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-beta2"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-beta3"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-beta4"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-beta5"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-beta6"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-beta7"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-beta8"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-beta9"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0.0-rc3"}]},{"events":[{"introduced":"0"},{"last_affected":"2.1.0-beta1"}]},{"events":[{"introduced":"0"},{"last_affected":"2.1.0-beta2"}]},{"events":[{"introduced":"0"},{"last_affected":"2.1.0-beta3"}]},{"events":[{"introduced":"0"},{"last_affected":"2.1.0-beta4"}]},{"events":[{"introduced":"0"},{"last_affected":"2.1.0-beta5"}]},{"events":[{"introduced":"0"},{"last_affected":"2.1.0-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"2.1.0-rc2"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}