Hashicorp Terraform_enterprise

5 CVEs affecting Hashicorp Terraform_enterprise. Latest disclosed: 2023-06-22. Critical: 0, High: 2.

Top CVEs affecting Hashicorp Terraform_enterprise
CVESeverityScorePublishedSummary
CVE-2021-40862High8.82021-09-15HashiCorp Terraform Enterprise up to v202108-1 contained an API endpoint that erroneously disclosed a sensitive URL to authenticated parties, which could be us…
CVE-2022-25374High7.52022-02-25HashiCorp Terraform Enterprise v202112-1, v202112-2, v202201-1, and v202201-2 were configured to log inbound HTTP requests in a manner that may capture sensiti…
CVE-2021-3153Medium6.52021-03-26HashiCorp Terraform Enterprise up to v202102-2 failed to enforce an organization-level setting that required users within an organization to have two-factor au…
CVE-2020-15511Medium5.32020-07-30HashiCorp Terraform Enterprise up to v202006-1 contained a default signup page that allowed user registration even when disabled, bypassing SAML enforcement. F…
CVE-2023-3114Medium5.02023-06-22Terraform Enterprise since v202207-1 did not properly implement authorization rules for agent pools, allowing the workspace to be targeted by unauthorized agen…