Количество 3
Количество 3
CVE-2021-36230
HashiCorp Terraform Enterprise releases up to v202106-1 did not properly perform authorization checks on a subset of API requests executed using the run token, allowing privilege escalation to organization owner. Fixed in v202107-1.
CVE-2021-36230
GHSA-6cgg-f8v8-8rxw
HashiCorp Terraform Enterprise releases up to v202106-1 did not properly perform authorization checks on a subset of API requests executed using the run token, allowing privilege escalation to organization owner. Fixed in v202107-1.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-36230 HashiCorp Terraform Enterprise releases up to v202106-1 did not properly perform authorization checks on a subset of API requests executed using the run token, allowing privilege escalation to organization owner. Fixed in v202107-1. | CVSS3: 8.8 | 1% Низкий | больше 4 лет назад |
 | CVSS3: 8.8 | 1% Низкий | почти 4 года назад | |
| GHSA-6cgg-f8v8-8rxw HashiCorp Terraform Enterprise releases up to v202106-1 did not properly perform authorization checks on a subset of API requests executed using the run token, allowing privilege escalation to organization owner. Fixed in v202107-1. | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу