Lucene search
K

6 matches found

OSV
OSV
added 2026/04/21 4:34 a.m.7 views

AZL-9179 CVE-2018-9057 for package terraform is not applicable

This CVE either no longer is or was never applicable...

9.8CVSS5.7AI score0.02038EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/03/20 12:0 a.m.22 views

CBL Mariner 2.0 Security Update: terraform (CVE-2018-9057)

The version of terraform installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2018-9057 advisory. - aws/resourceawsiamuserloginprofile.go in the HashiCorp Terraform Amazon Web Services AWS provider through...

9.8CVSS8.3AI score0.02038EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2022/06/26 3:29 a.m.13 views

CVE-2018-9057 affecting package terraform for versions less than 1.2.2-2

CVE-2018-9057 affecting package terraform for versions less than 1.2.2-2. An upgraded version of the package is available that resolves this issue...

9.8CVSS9.7AI score0.02038EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2018/03/27 6:29 p.m.47 views

CVE-2018-9057

aws/resourceawsiamuserloginprofile.go in the HashiCorp Terraform Amazon Web Services AWS provider through v1.12.0 has an inappropriate PRNG algorithm and seeding, which makes it easier for remote attackers to obtain access by leveraging an IAM account that was provisioned with a weak password...

9.8CVSS5.4AI score0.02038EPSS
Exploits0
Cvelist
Cvelist
added 2018/03/27 6:0 p.m.18 views

CVE-2018-9057

aws/resourceawsiamuserloginprofile.go in the HashiCorp Terraform Amazon Web Services AWS provider through v1.12.0 has an inappropriate PRNG algorithm and seeding, which makes it easier for remote attackers to obtain access by leveraging an IAM account that was provisioned with a weak password...

9.4AI score0.02038EPSS
Exploits0References1
CVE
CVE
added 2018/03/27 6:0 p.m.66 views

CVE-2018-9057

The CVE-2018-9057 entry affects the HashiCorp Terraform AWS provider, specifically aws/resource_aws_iam_user_login_profile.go, through v1.12.0. The underlying issue is an inappropriate PRNG algorithm and seeding, which can let remote attackers gain access by exploiting an IAM account with a weak ...

9.8CVSS9.2AI score0.02038EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder