CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-3153

HashiCorp Terraform Enterprise up to v202102-2 failed to enforce an organization-level setting that required users within an organization to have two-factor authentication enabled. Fixed in v202103-1.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.8%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

https://discuss.hashicorp.com/t/hcsec-2021-06-terraform-enterprise-organization-level-mfa-requirement-was-not-enforced/22401
https://discuss.hashicorp.com/t/hcsec-2021-06-terraform-enterprise-organization-level-mfa-requirement-was-not-enforced/22401

Products affected by CVE-2021-3153

Hashicorp » Terraform Enterprise » Version: N/A

cpe:2.3:a:hashicorp:terraform_enterprise:-
Hashicorp » Terraform Enterprise » Version: 202007-1

cpe:2.3:a:hashicorp:terraform_enterprise:202007-1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-3153

Products

Pricing

Contact Us