CVE-2023-0092
Juju controller - Arbitrary file reading vulnerability
4.9
MEDIUM
CVSS 3.1
EPSS 0.50%
Description
### Impact
An authenticated user who has read access to the juju controller model may construct a remote request to download an arbitrary file from the controller's filesystem.
### Patches
Patched in juju 2.9.38 and juju 3.0.3: [juju/juju#ef803e2](https://github.com/juju/juju/commit/ef803e2a13692d355b784b7da8b4b1f01dab1556)
### Workarounds
Limit read access to the controller model to only trusted users.
How to fix CVE-2023-0092
To remediate CVE-2023-0092, upgrade the affected package to a fixed version below.
- juju: upgrade to 2.9.38 or later
Is CVE-2023-0092 being exploited?
Low — EPSS is 0.5%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- juju: >= 2.9.22, < 2.9.38
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM (4.9) | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |