Purestorage Purity//fa — known CVE vulnerabilities
Every CVE whose affected-product data names Purestorage Purity//fa, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2024-0001 — CVSS 10.0 (critical): A condition exists in FlashArray Purity whereby a local account intended for initial array configuration remains active potentially…
CVE-2024-0002 — CVSS 10.0 (critical): A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array.
CVE-2024-0003 — CVSS 9.1 (critical): A condition exists in FlashArray Purity whereby a malicious user could use a remote administrative service to create an account on the…
CVE-2024-0005 — CVSS 9.1 (critical): A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely through a…
CVE-2024-0004 — CVSS 9.1 (critical): A condition exists in FlashArray Purity whereby an user with array admin role can execute arbitrary commands remotely to escalate privilege…
CVE-2023-36628 — CVSS 8.8 (high): A flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a FlashArray to gain root access through privilege…
CVE-2023-32572 — CVSS 6.5 (medium): A flaw exists in FlashArray Purity wherein under limited circumstances, an array administrator can alter the retention lock of a pgroup and…
CVE-2023-28373 — CVSS 4.4 (medium): A flaw exists in FlashArray Purity whereby an array administrator by configuring an external key manager can affect the availability of…