A flaw was discovered in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Puppet | Puppet | * | 6.23.0 (excluding) |
Puppet | Puppet | 7.7.0 (including) | 7.8.0 (excluding) |
Puppet_enterprise | Puppet | * | 2019.8.7 (excluding) |
Puppet_enterprise | Puppet | 2021.0.0 (including) | 2021.2.0 (excluding) |
Puppetdb | Puppet | * | 6.17.0 (excluding) |
Puppetdb | Puppet | 7.0.0 (including) | 7.4.1 (excluding) |
Puppetdb | Ubuntu | esm-apps/jammy | * |
Puppetdb | Ubuntu | impish | * |
Puppetdb | Ubuntu | jammy | * |
Puppetdb | Ubuntu | kinetic | * |
Puppetdb | Ubuntu | lunar | * |
Puppetdb | Ubuntu | trusty | * |
Puppetdb | Ubuntu | upstream | * |
Puppetdb | Ubuntu | xenial | * |