CVE-2021-36230 is a vulnerability in HashiCorp Terraform
Published on July 20, 2021
HashiCorp Terraform Enterprise releases up to v202106-1 did not properly perform authorization checks on a subset of API requests executed using the run token, allowing privilege escalation to organization owner. Fixed in v202107-1.
Products Associated with CVE-2021-36230
Want to know whenever a new CVE is published for HashiCorp Terraform? stack.watch will email you.
Exploit Probability
EPSS
0.55%
Percentile
67.63%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.