Vulnerability in Puppet Db

CVE-2021-27021

A flaw was discovered in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query.

EPSS: 0.006 (70.6th percentile) — read the EPSS interpretation.

Affected products

N/a Puppet Db — versions All prior versions before Puppet DB 6.17.0, 7.4.1, Puppet Platform 6.23, 7.8.0 and PE 2021.2, 2019.8.7

Weakness classification (CWE)

CWE-1027

References

puppet.com/security/cve/cve-2021-27021/ (x_refsource_MISC)