### [CVE-2021-27021](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27021)
![](https://img.shields.io/static/v1?label=Product&message=Puppet%20DB&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=All%20prior%20versions%20before%20Puppet%20DB%206.17.0%2C%207.4.1%2C%20Puppet%20Platform%206.23%2C%207.8.0%20and%20PE%202021.2%2C%202019.8.7%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=%5BCWE-1027%7Chttps%3A%2F%2Fcwe.mitre.org%2Fdata%2Fdefinitions%2F1027.html%5D&color=brightgreen)

### Description

A flaw was discovered in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query.

### POC

#### Reference
- https://puppet.com/security/cve/cve-2021-27021/

#### Github
No PoCs found on GitHub currently.