Juju, the popular open-source application orchestration engine, is facing a critical security emergency. A newly discovered vulnerability, carrying the maximum possible severity rating of CVSS 10, allows low-privileged users to exfiltrate the master cloud credentials used to bootstrap the entire system.
The flaw represents a significant breakdown in the platform’s authorization model, potentially exposing entire cloud environments to total takeover.
The vulnerability, tracked as CVE-2026-5412, centers on a specific API known as the CloudSpec method on the Controller facade.
Under normal operating conditions, the CloudSpec API is utilized by internal workers to maintain connections to the cloud or by the Juju CLI during high-level tasks, such as forcefully destroying a controller with the juju kill-controller command. However, researchers discovered that the guardrails for this powerful tool were missing.
“The API is exposed to any client caller where that client has nothing more than logon permission on the controller,” the advisory warns.
If a user has basic login permissions and manages to find the controller’s model UUID, they can call this method to “get cloud credentials used to bootstrap the controller”.
The implications of this leak are absolute. Because the bootstrap credentials often possess administrative rights over the underlying cloud infrastructure (such as AWS, Azure, or Google Cloud), an attacker gaining these keys could bypass Juju entirely to manipulate the cloud environment itself.
Juju’s developers confirmed that “getting access to the credential should be limited to those client connections where the authenticated user has superuser or model admin permission,” but the current flaw effectively removes that requirement for any logged-in user.
The vulnerability impacts several current release branches of the Juju engine:
- Affected Versions: 2.9, 3.6, and 4.0.6 (including the snap version from the 4.0/edge channel).
- Mandatory Patches: Administrators are urged to upgrade to 2.9.57 or 3.6.21 immediately.
Following the patch, non-confidential information like cloud endpoints will remain readable to standard users, but “only controller superusers or model admins will be able to see the credential details”.
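To make the post-patch authorization rule concrete, the following Go snippet (Juju itself is written in Go) is an added illustration and not Juju's own code. It models a CloudSpec-style result that keeps the non-confidential fields (cloud name, type, endpoint) readable by any logged-in caller while stripping the credential unless the caller holds superuser or model-admin permission. All names here (Permission, Caller, CloudSpecFor, MayReadCredential) and the sample data are hypothetical.

```go
package main

import "fmt"

// Permission levels an authenticated client may hold on the controller.
// Hypothetical names for this example; not Juju's own identifiers.
type Permission int

const (
	PermLogin      Permission = iota // may connect and call facades
	PermModelAdmin                   // admin on the model in question
	PermSuperuser                    // controller-wide superuser
)

// Caller is the authenticated client making the API request.
type Caller struct {
	User string
	Perm Permission
}

// Credential is the secret part of a cloud spec: the material that, in the
// flaw described above, was returned to any logged-in user.
type Credential struct {
	AuthType   string
	Attributes map[string]string
}

// CloudSpec separates non-confidential cloud facts from the credential so the
// two can be released under different permission levels.
type CloudSpec struct {
	Name       string
	Type       string
	Endpoint   string
	Credential *Credential // nil when the caller is not allowed to see it
}

// MayReadCredential encodes the post-patch rule quoted in the article:
// only controller superusers or model admins get the credential details.
// Plain login permission is not enough.
func MayReadCredential(c Caller) bool {
	return c.Perm == PermSuperuser || c.Perm == PermModelAdmin
}

// CloudSpecFor returns the cloud spec as the caller is entitled to see it.
// Every logged-in caller gets the name, type and endpoint; the credential is
// removed unless MayReadCredential holds. A redacted copy is returned so the
// stored spec is never mutated.
func CloudSpecFor(c Caller, stored CloudSpec) CloudSpec {
	out := stored
	if !MayReadCredential(c) {
		out.Credential = nil
	}
	return out
}

func main() {
	// Constructed sample data; the credential values are placeholders.
	stored := CloudSpec{
		Name:     "example-cloud",
		Type:     "ec2",
		Endpoint: "https://ec2.example.invalid",
		Credential: &Credential{
			AuthType:   "access-key",
			Attributes: map[string]string{"access-key": "PLACEHOLDER", "secret-key": "PLACEHOLDER"},
		},
	}
	for _, c := range []Caller{
		{User: "alice", Perm: PermLogin},
		{User: "bob", Perm: PermModelAdmin},
		{User: "root", Perm: PermSuperuser},
	} {
		spec := CloudSpecFor(c, stored)
		fmt.Printf("%-6s endpoint=%s credential_visible=%v\n",
			c.User, spec.Endpoint, spec.Credential != nil)
	}
}
```

The design point is that the permission check sits on the credential field rather than on the whole method: a login-only caller still receives the endpoint it legitimately needs, which matches the behaviour the article describes for the patched releases.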
For organizations that cannot apply the patch immediately, the only available mitigation is network-level isolation.
- Ingress Restriction: Administrators must “restrict ingress to the controller API port 17070 on all controller machines”.
- Operational Caution: Because the Juju CLI and libraries like libjuju or JAAS require access to port 17070 to function, “any restricted access will need to take into account those access requirements” to prevent disrupting legitimate administrative tasks.