CVE-2021-27021

Summary

A flaw was discovered in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query.

Affected Software

VendorProductVersion RangeStatus
n/aPuppet DBAll prior versions before Puppet DB 6.17.0, 7.4.1, Puppet Platform 6.23, 7.8.0 and PE 2021.2, 2019.8.7affected

Weaknesses

  • CWE-1027: [CWE-1027|https://cwe.mitre.org/data/definitions/1027.html]

ADP Enrichment

CVE Program Container

Additional References

References