Security Advisory

CVE-2021-36230

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-07-20 20:53:26

Last updated 2024-08-04 00:54:50

Assigner mitre

State PUBLISHED

Description

HashiCorp Terraform Enterprise releases up to v202106-1 did not properly perform authorization checks on a subset of API requests executed using the run token, allowing privilege escalation to organization owner. Fixed in v202107-1.

← Browse all CVEs View on cve.org ↗