Terraform versions prior to 0.12.17 Use of a Broken or Risky Cryptographic Algorithm Vulnerability
Terraform versions prior to 0.12.17 suffers from use of a broken or risky cryptographic algorithm vulnerability.
The information has been provided by Vendor
The original article can be found at:https://github.com/hashicorp/terraform/security/advisories/GHSA-4rvg-555h-r626
When using the Azure backend with a shared access signature (SAS), Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP.
Terraform versions prior to 0.12.17