A flaw was discovered in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query.
2021-07-20T11:15:11.630
2024-11-21T05:57:11.650
Modified
CVSSv3.1: 8.8 (HIGH)
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | puppet | puppet | < 6.23.0 | Yes |
| Application | puppet | puppet | < 7.8.0 | Yes |
| Application | puppet | puppet_enterprise | < 2019.8.7 | Yes |
| Application | puppet | puppet_enterprise | < 2021.2.0 | Yes |
| Application | puppet | puppetdb | < 6.17.0 | Yes |
| Application | puppet | puppetdb | < 7.4.1 | Yes |