CVE-2019-19316
Published
CVSS v3
7.5
HIGH
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT
Description
When using the Azure backend with a shared access signature (SAS), Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP.
Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
GitHub