Phekmat

**Name of the Vulnerable Software and Affected Versions** Terraform versions prior to 0.12.17 **Description** The issue concerns the transmission of sensitive data in cleartext HTTP when using the Azure backend with a shared access signature (SAS) in Terraform. This affects the `github.com/hashicorp/terraform/backend/remote-state/azure` package. The problem involves the use of a broken or risky cryptographic algorithm. **Recommendations** For Terraform versions prior to 0.12.17, update to version 0.12.17 or later to resolve the issue. As a temporary workaround, consider disabling the use of cleartext HTTP for transmitting the token and state snapshot until a patch is available. Restrict access to the Azure backend with a shared access signature (SAS) to minimize the risk of exploitation.