How severe is CVE-2024-7558?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.7 out of 10.

What type of vulnerability is CVE-2024-7558?

This is classified as CWE-337, which is a common weakness in software security.

CVE-2024-7558

HIGH Year: 2024

CVSS v3 Score

8.7

High

Weakness Type

CWE-337

View all →

Vulnerability Description

JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to an abstract domain socket and guess the JUJU_CONTEXT_ID value. This gives the unprivileged user access to the same information and tools as the Juju charm.

CVE-2022-40267

CRITICAL

CVSS:9.1(Critical)

Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X****...

CWE-3372022

CVE-2023-49343

HIGH

CVSS:7.8(High)

Temporary data passed between application components by Budgie Extras Dropby applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has ...

CWE-3372023

CVE-2020-28597

CRITICAL

CVSS:9.8(Critical)

A predictable seed vulnerability exists in the password reset functionality of Epignosis EfrontPro 5.2.21. By predicting the seed it is possible to generate the correct password reset 1-time token. An...

CWE-3372020

CVE-2022-26852

CRITICAL

CVSS:9.8(Critical)

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an...

CWE-3372022