4 matches found
CVE-2022-25374
HashiCorp Terraform Enterprise v202112-1, v202112-2, v202201-1, and v202201-2 were configured to log inbound HTTP requests in a manner that may capture sensitive data. Fixed in v202202-1...
CVE-2022-25374
HashiCorp Terraform Enterprise v202112-1, v202112-2, v202201-1, and v202201-2 were configured to log inbound HTTP requests in a manner that may capture sensitive data. Fixed in v202202-1...
CVE-2022-25374
CVE-2022-25374 affects HashiCorp Terraform Enterprise releases v202112-1, v202112-2, v202201-1, and v202201-2, where inbound HTTP requests could be logged in a way that may reveal sensitive data. The root cause is insecure logging of inbound requests, leading to potential information exposure in ...
Terraform Enterprise May Capture Sensitive Data In Logs
Summary Terraform Enterprise was configured to log inbound HTTP requests in a manner that may capture sensitive data. This vulnerability, CVE-2022-25374, was fixed in Terraform Enterprise v202202-1. Background Terraform Enterprise TFE is an application that helps teams use Terraform together, wit...