CVE-2026-32692

An authorization bypass vulnerability in the Vault secrets back-end implementation of Juju versions 3.1.6 through 3.6.18 allows an authenticated unit agent to perform unauthorized updates to secret revisions. With sufficient information, an attacker can poison any existing secret revision within the scope of that Vault secret back-end.

CVSS v3 7.6 HIGH

7.6^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 4.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact HIGH

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://github.com/juju/juju/security/advisories/GHSA-89x7-5m5m-mcmm	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:canonical:juju:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2026-03-18 13:16

Updated : 2026-03-19 15:23

NVD link : CVE-2026-32692

Mitre link : CVE-2026-32692

CVE.ORG link : CVE-2026-32692

JSON object : View

Products Affected

canonical

juju

CWE

CWE-285

Improper Authorization

{"id": "CVE-2026-32692", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security@ubuntu.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 4.7, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2026-03-18T13:16:18.710", "references": [{"url": "https://github.com/juju/juju/security/advisories/GHSA-89x7-5m5m-mcmm", "tags": ["Vendor Advisory"], "source": "security@ubuntu.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@ubuntu.com", "description": [{"lang": "en", "value": "CWE-285"}]}], "descriptions": [{"lang": "en", "value": "An authorization bypass vulnerability in the Vault secrets back-end implementation of Juju versions 3.1.6 through 3.6.18 allows an authenticated unit agent to perform unauthorized updates to secret revisions. With sufficient information, an attacker can poison any existing secret revision within the scope of that Vault secret back-end."}, {"lang": "es", "value": "Una vulnerabilidad de omisi\u00f3n de autorizaci\u00f3n en la implementaci\u00f3n del back-end de secretos de Vault de Juju versiones 3.1.6 a 3.6.18 permite a un agente de unidad autenticado realizar actualizaciones no autorizadas a las revisiones de secretos. Con informaci\u00f3n suficiente, un atacante puede envenenar cualquier revisi\u00f3n de secreto existente dentro del alcance de ese back-end de secretos de Vault."}], "lastModified": "2026-03-19T15:23:26.870", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:canonical:juju:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63EF3985-5422-4DB4-BD88-0FC5CC2E3100", "versionEndExcluding": "3.6.19", "versionStartIncluding": "3.1.6"}], "operator": "OR"}]}], "sourceIdentifier": "security@ubuntu.com"}