CVE-2026-5412

Canonical · Juju

Juju contains an authorization flaw in the Controller facade that allows authenticated users to extract sensitive cloud credentials.

Executive summary

A critical authorization vulnerability in Juju allows low-privileged authenticated users to access sensitive cloud credentials, leading to potential full infrastructure compromise.

Vulnerability

This is an authorization issue in the Controller facade. An authenticated user can invoke the CloudSpec API method to retrieve highly sensitive cloud bootstrap credentials.

Business impact

With a CVSS score of 9.9, the impact is severe. An attacker with even low-level access can steal credentials to control the entire underlying cloud environment, leading to massive data breaches and unauthorized manipulation of cloud infrastructure.

Remediation

Immediate Action: Upgrade Juju to version 2.9.57 or 3.6.21, or a later release in the same series.

Proactive Monitoring: Review Juju controller access logs for unusual calls to the CloudSpec API method by non-privileged accounts.

Compensating Controls: Implement the principle of least privilege for all Juju users and rotate cloud credentials immediately if unauthorized access is suspected.
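A small detector for the log review recommended above, added here as an example (it is not Canonical's or Juju's own tooling): it joins Juju-style audit log request entries to their conversation entries by conversation-id and flags every Controller.CloudSpec call made by a user outside a privileged set, including calls whose caller cannot be resolved. The JSON line shape, the sample lines and the PRIVILEGED_USERS set are constructed assumptions; adapt them to your controller's audit.log.

```python
"""Flag Controller.CloudSpec calls by non-privileged users in a Juju-style
audit log.  Assumption: entries are JSON lines where a "conversation" entry
carries the user ("who") and later "request" entries carry facade/method,
joined by conversation-id.  Sample lines below are constructed, not real."""
import json

# Assumption: the set of accounts allowed to read bootstrap credentials.
PRIVILEGED_USERS = {"admin"}

# Constructed sample: admin reads the cloud spec (expected); dev-user runs
# status (benign), then calls Controller.CloudSpec twice; one request has
# no matching conversation entry, so the caller is unknown.
SAMPLE_AUDIT_LOG = """\
{"conversation":{"who":"admin","what":"juju show-cloud","when":"2026-01-10T09:00:00Z","conversation-id":"c1","connection-id":"1"}}
{"request":{"conversation-id":"c1","connection-id":"1","request-id":1,"facade":"Controller","method":"CloudSpec","version":11}}
{"conversation":{"who":"dev-user","what":"juju status","when":"2026-01-10T09:05:00Z","conversation-id":"c2","connection-id":"2"}}
{"request":{"conversation-id":"c2","connection-id":"2","request-id":1,"facade":"Client","method":"FullStatus","version":6}}
{"conversation":{"who":"dev-user","what":"custom client","when":"2026-01-10T09:07:00Z","conversation-id":"c3","connection-id":"3"}}
{"request":{"conversation-id":"c3","connection-id":"3","request-id":1,"facade":"Controller","method":"CloudSpec","version":11}}
{"request":{"conversation-id":"c3","connection-id":"3","request-id":2,"facade":"Controller","method":"CloudSpec","version":11}}
{"request":{"conversation-id":"c9","connection-id":"9","request-id":1,"facade":"Controller","method":"CloudSpec","version":11}}
"""


def find_suspicious_cloudspec_calls(log_text, privileged=PRIVILEGED_USERS):
    """Return one dict per Controller.CloudSpec request whose caller is not
    in `privileged`; requests with no resolvable caller are flagged too."""
    conversations = {}  # conversation-id -> conversation entry
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # tolerate a corrupt line rather than abort the review
        if "conversation" in entry:
            conv = entry["conversation"]
            conversations[conv.get("conversation-id")] = conv
        elif "request" in entry:
            req = entry["request"]
            if (req.get("facade"), req.get("method")) != ("Controller", "CloudSpec"):
                continue
            conv = conversations.get(req.get("conversation-id"), {})
            who = conv.get("who", "<unknown>")
            if who not in privileged:
                hits.append({"who": who, "when": conv.get("when"),
                             "conversation-id": req.get("conversation-id"),
                             "request-id": req.get("request-id")})
    return hits
```

Run it over a real audit.log and treat every hit as a credential-exposure event to investigate, not just a log line.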

Exploitation status

Public Exploit Available: No

Analyst recommendation

The severity of this credential exposure issue demands an immediate upgrade. Organizations should also rotate any credentials that may have been exposed as a precautionary measure.