CVE-2025-68152

EUVD-2025-209209 | MEDIUM 6.9 (CVSS 4.0)
Published 2026-04-03 | Source: GitHub_M | Advisory: GHSA-j6f6-jp3p-53mw

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector: Network (AV:N)
Attack Complexity: Low (AC:L)
Attack Requirements: None (AT:N)
Privileges Required: High (PR:H)
User Interaction: None (UI:N)
Vulnerable System Impact: Confidentiality High (VC:H), Integrity None (VI:N), Availability None (VA:N)
Subsequent System Impact: None (SC:N, SI:N, SA:N)
Threat, Environmental and Supplemental metrics (including Safety, S): Not Defined (X); CVSS 4.0 has no Scope metric

Lifecycle Timeline

Patch Released: Apr 03, 2026 - 20:30 (nvd), patch available
Analysis Generated: Apr 03, 2026 - 16:00 (vuln.today)
EUVD ID Assigned: Apr 03, 2026 - 16:00 (euvd), EUVD-2025-209209
CVE Published: Apr 03, 2026 - 15:25 (nvd)

Description

Juju is an open source application orchestration engine that enables any application operation on any infrastructure at any scale through special operators called ‘charms’. From versions 2.9 to before 2.9.56 and 3.6 to before 3.6.19, it is possible that a compromised workload machine under a Juju controller can read any log file for any entity in any model at any level. This issue has been patched in versions 2.9.56 and 3.6.19.

Analysis

Juju versions 2.9.0 through 2.9.55 and 3.6.0 through 3.6.18 allow a compromised workload machine to read log files for any entity in any model under the same controller, without the authorization checks that should scope an agent to its own entity. This is an authorization flaw (CWE-863: Incorrect Authorization), not an authentication bypass: the attacker must already control a workload machine, and with it the credentials its Juju agent uses to talk to the controller (CVSS PR:H). The impact is disclosure of operational logs from other models (VC:H), with no integrity or availability impact. The issue is patched in Juju 2.9.56 and 3.6.19.

Technical Context

Juju is an operator-based orchestration platform that manages applications and their lifecycle across heterogeneous infrastructure. Every machine and unit it manages runs a Juju agent that authenticates to the controller API and, among other things, ships its logs to the controller. The underlying issue is insufficient authorization enforcement on the controller's log access path (CWE-863: Incorrect Authorization): the controller did not restrict a machine agent to logs for its own entity and model. The CVSS vector (PR:H) reflects that the attacker must already control a workload machine managed by the controller, which hands them that agent's credentials. With those credentials, a compromised machine can bypass model isolation and read logs for any entity in any model, at any log level, on the same controller. The impact is confidentiality only (VC:H, VI:N, VA:N), but it undermines the multi-tenancy and model-isolation guarantees that operators sharing a controller depend on, since logs routinely carry hostnames, internal addresses and configuration details of the other models.

Affected Products

Juju versions 2.9.0 through 2.9.55 and versions 3.6.0 through 3.6.18 are affected (CPE: cpe:2.3:a:juju:juju:*:*:*:*:*:*:*:*). The vulnerability applies across all Juju deployments using these version ranges, regardless of underlying infrastructure. Security advisory: https://github.com/juju/juju/security/advisories/GHSA-j6f6-jp3p-53mw

Remediation

Vendor-released patches: Juju 2.9.56 and Juju 3.6.19. Administrators should upgrade to one of these releases immediately; there is no configuration workaround. Until the upgrade is done, the exposure is bounded by how hard it is to compromise a workload machine, because the attacker needs the credentials that a machine's Juju agent uses against the controller: keep workload machines patched, minimise what runs on them with elevated privileges, and restrict administrative (SSH) access to them. Network segmentation offers little protection against this specific path, since every machine agent must be able to reach the controller API anyway and the unauthorized log reads travel over that same, legitimate channel. Defense in depth beyond that means treating the controller as a high-value host and reviewing controller API activity (Juju's controller audit log, where enabled) for a machine agent requesting logs outside its own model. Refer to the GitHub security advisory (https://github.com/juju/juju/security/advisories/GHSA-j6f6-jp3p-53mw) for deployment-specific guidance.
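As an added example (not the page's or the Juju project's own code), the following Python applies the version ranges from the Affected Products and Remediation sections above to the agent versions reported for your controllers. The JSON layout assumed for `juju controllers --format=json` (a top-level `controllers` object keyed by controller name, each entry carrying an `agent-version`) is an assumption to confirm against your own output, and the sample document is constructed. Series the advisory does not mention (for example 3.5.x) are reported as "not listed" rather than assumed safe.

```python
"""Check Juju agent versions against the CVE-2025-68152 affected ranges."""
import json
import re
from typing import Optional

# Ranges from the advisory: 2.9.0 <= v < 2.9.56 and 3.6.0 <= v < 3.6.19.
# Keyed by (major, minor) series -> first fixed patch level.
FIXED_IN = {
    (2, 9): 56,
    (3, 6): 19,
}

# MAJOR.MINOR.PATCH; any suffix (e.g. "-beta1" or a trailing build
# number) is ignored for the purpose of the range check.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def parse_version(version: str) -> tuple:
    """Return (major, minor, patch) as ints, or raise on unparseable input."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Juju version: {version!r}")
    return tuple(int(x) for x in m.groups())


def is_affected(version: str) -> Optional[bool]:
    """True if the version is inside an affected range, False if it is in a
    listed series at or past the fix, None if the advisory does not list
    the series at all (this check deliberately does not guess about those)."""
    major, minor, patch = parse_version(version)
    fixed = FIXED_IN.get((major, minor))
    if fixed is None:
        return None
    return patch < fixed


def triage_controllers(controllers_json: str) -> dict:
    """Map controller name -> is_affected() verdict for a
    'juju controllers --format=json' document.

    ASSUMPTION: the document has a top-level 'controllers' object keyed by
    name, each entry carrying an 'agent-version' string. Verify this against
    your own CLI output before relying on the result."""
    doc = json.loads(controllers_json)
    return {
        name: is_affected(info["agent-version"])
        for name, info in doc.get("controllers", {}).items()
        if "agent-version" in info
    }


# Constructed sample, not real output: controllers on both supported series
# (one vulnerable and one fixed each) plus one on a series the advisory
# does not mention.
SAMPLE_CONTROLLERS = json.dumps({
    "controllers": {
        "prod-lxd": {"agent-version": "3.6.18"},
        "prod-maas": {"agent-version": "3.6.19"},
        "legacy": {"agent-version": "2.9.55"},
        "staging": {"agent-version": "3.5.4"},
    },
    "current-controller": "prod-lxd",
})

if __name__ == "__main__":
    labels = {
        True: "AFFECTED, upgrade to 2.9.56 / 3.6.19",
        False: "fixed",
        None: "series not listed in the advisory",
    }
    for name, verdict in triage_controllers(SAMPLE_CONTROLLERS).items():
        print(f"{name}: {labels[verdict]}")
```

Run it against real output with `juju controllers --format=json | python3 check.py` after replacing the constructed sample with `sys.stdin.read()`; the pure version check in `is_affected()` does not depend on the JSON layout and can be applied to any version string you obtain another way.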

Priority Score

35 (scale: Low / Medium / High / Critical)
KEV: 0
EPSS: +0.0
CVSS: +34
POC: 0


CVE-2025-68152 vulnerability details – vuln.today
