Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Sensitive log retrieval in Juju
Vulnerability Description
The /log endpoint on a Juju controller lacked sufficient authorization checks, allowing unauthorized users to access debug messages that could contain sensitive information.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
信息暴露
Vulnerability Title
Juju 安全漏洞
Vulnerability Description
Juju是Canonical Juju开源的一个开源应用程序编排引擎。 Juju存在安全漏洞,该漏洞源于/log端点授权检查不足,可能导致未经授权的用户访问敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A