CVE-2026-4370: CRITICAL Juju Controller Dqlite Cluster Vuln
Plattform
go
Komponente
github.com/juju/juju
Behoben in
4.0.4
CVE-2026-4370 is a critical vulnerability affecting Juju controllers. This flaw allows an attacker with network access to the Dqlite cluster endpoint to join the cluster and gain full control, including reading and modifying data, escalating privileges, and opening firewall ports. The vulnerability affects Juju controllers since version 3.2.0. A fix is available in version 4.0.4.
So beheben
Kein offizieller Patch verfügbar. Prüfe auf Workarounds oder überwache auf Updates.
Häufig gestellte Fragen
What is CVE-2026-4370?
CVE-2026-4370 is a critical vulnerability in Juju controllers that allows unauthorized access and control of the Dqlite cluster.
Am I affected by CVE-2026-4370?
You are affected if you are using Juju controller versions 3.2.0 and prior to 4.0.4.
How do I fix CVE-2026-4370?
Upgrade your Juju controller to version 4.0.4 or later.
Abhängigkeiten automatisch überwachen
Werde benachrichtigt, wenn neue Schwachstellen deine Projekte betreffen. Für immer kostenlos.
Kostenlos starten