Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
HashiCorp Terraform Enterprise releases up to v202106-1 did not properly perform authorization checks on a subset of API requests executed using the run token, allowing privilege escalation to organization owner. Fixed in v202107-1.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
HashiCorp Terraform 授权问题漏洞
Vulnerability Description
Hashicorp Terraform是美国HashiCorp(Hashicorp)公司的一款用于预配和管理云基础结构的开源工具。 HashiCorp Terraform 存在授权问题漏洞,攻击者可利用该漏洞触发致命错误,以触发拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A