FlashBlade
by Purestorage
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-0052 | Hig | 0.54 | — | 0.00 | Jun 10, 2025 | Improper input validation performed during the authentication process of FlashBlade could lead to a system Denial of Service. | ||
| CVE-2024-0005 | 0.00 | — | 0.00 | Sep 23, 2024 | A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely through a specifically crafted SNMP configuration. | |||
| CVE-2023-36627 | 0.00 | — | 0.00 | Oct 2, 2023 | A flaw exists in FlashBlade Purity whereby a user with access to an administrative account on a FlashBlade that is configured with timezone-dependent snapshot schedules can configure a timezone to prevent the schedule from functioning properly. | |||
| CVE-2023-31042 | 0.00 | — | 0.00 | Oct 2, 2023 | A flaw exists in FlashBlade Purity whereby an authenticated user with access to FlashBlade’s object store protocol can impact the availability of the system’s data access and replication protocols. | |||
| CVE-2023-28372 | 0.00 | — | 0.00 | Oct 2, 2023 | A flaw exists in FlashBlade Purity (OE) Version 4.1.0 whereby a user with privileges to extend an object’s retention period can affect the availability of the object lock. |
- risk 0.54cvss —epss 0.00
Improper input validation performed during the authentication process of FlashBlade could lead to a system Denial of Service.
- CVE-2024-0005Sep 23, 2024risk 0.00cvss —epss 0.00
A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely through a specifically crafted SNMP configuration.
- CVE-2023-36627Oct 2, 2023risk 0.00cvss —epss 0.00
A flaw exists in FlashBlade Purity whereby a user with access to an administrative account on a FlashBlade that is configured with timezone-dependent snapshot schedules can configure a timezone to prevent the schedule from functioning properly.
- CVE-2023-31042Oct 2, 2023risk 0.00cvss —epss 0.00
A flaw exists in FlashBlade Purity whereby an authenticated user with access to FlashBlade’s object store protocol can impact the availability of the system’s data access and replication protocols.
- CVE-2023-28372Oct 2, 2023risk 0.00cvss —epss 0.00
A flaw exists in FlashBlade Purity (OE) Version 4.1.0 whereby a user with privileges to extend an object’s retention period can affect the availability of the object lock.