Arbitrary File Write Vulnerability in Terraform 1.0.8 - 1.5.6 during `init` Operation
CVE-2023-4782 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Terraform version 1.0.8 through 1.5.6 allows arbitrary file write during the `init` operation if run on maliciously crafted Terraform configuration. This vulnerability is fixed in Terraform 1.5.7.
Learn more about our Web Application Penetration Testing UK.