7 matches found
CVE-2021-36230
HashiCorp Terraform Enterprise releases up to v202106-1 did not properly perform authorization checks on a subset of API requests executed using the run token, allowing privilege escalation to organization owner. Fixed in v202107-1...
CVE-2021-36230 vulnerabilities
Vulnerabilities for packages: terraform, terragrunt...
CVE-2021-36230 vulnerabilities
Vulnerabilities for packages: terraform, terragrunt...
CBL Mariner 2.0 Security Update: terraform (CVE-2021-36230)
The version of terraform installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-36230 advisory. - HashiCorp Terraform Enterprise releases up to v202106-1 did not properly perform authorization checks on ...
CVE-2021-36230 affecting package terraform for versions less than 1.3.2-1
CVE-2021-36230 affecting package terraform for versions less than 1.3.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-36230
HashiCorp Terraform Enterprise releases up to v202106-1 did not properly perform authorization checks on a subset of API requests executed using the run token, allowing privilege escalation to organization owner. Fixed in v202107-1...
CVE-2021-36230
CVE-2021-36230 affects HashiCorp Terraform Enterprise; the issue arises from missing authorization checks on a subset of API requests executed with the run token, enabling privilege escalation to the organization owner. Affected releases are up to v202106-1, with a fix in v202107-1. The risk deta...