Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Terraform Enterprise Security Vulnerabilities

cve
cve

CVE-2022-25374

HashiCorp Terraform Enterprise v202112-1, v202112-2, v202201-1, and v202201-2 were configured to log inbound HTTP requests in a manner that may capture sensitive data. Fixed in...

7.5CVSS

7.4AI Score

0.002EPSS

2022-02-25 01:15 PM
57
cve
cve

CVE-2021-40862

HashiCorp Terraform Enterprise up to v202108-1 contained an API endpoint that erroneously disclosed a sensitive URL to authenticated parties, which could be used for privilege escalation or unauthorized modification of a Terraform configuration. Fixed in...

8.8CVSS

8.6AI Score

0.001EPSS

2021-09-15 07:15 PM
18
cve
cve

CVE-2021-3153

HashiCorp Terraform Enterprise up to v202102-2 failed to enforce an organization-level setting that required users within an organization to have two-factor authentication enabled. Fixed in...

6.5CVSS

6.5AI Score

0.001EPSS

2021-03-26 03:16 AM
61
6
cve
cve

CVE-2020-15511

HashiCorp Terraform Enterprise up to v202006-1 contained a default signup page that allowed user registration even when disabled, bypassing SAML enforcement. Fixed in...

5.3CVSS

7.2AI Score

0.001EPSS

2020-07-30 02:15 PM
17