Lucene search
HistoryOct 03, 2023 - 12:15 a.m.
CVE-2023-32572
cve-2023-32572
flasharray purity
retention lock
pgroup
safemode protection
nvd
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
5.1 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
16.0%
A flaw exists in FlashArray Purity wherein under limited circumstances, an array administrator can alter the retention lock of a pgroup and disable pgroup SafeMode protection.
Affected configurations
Node
purestoragepurity\/\/faRange6.3.0–6.3.7
ORpurestoragepurity\/\/faRange6.4.0–6.4.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| purestorage:purity\/\/fa | purestorage purity//fa | le | 6.3.7 |
| purestorage:purity\/\/fa | purestorage purity//fa | le | 6.4.1 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"modules": [
"pgroup SafeMode"
],
"product": "FlashArray Purity",
"vendor": "Pure Storage",
"versions": [
{
"lessThanOrEqual": "6.3.7",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.4.1",
"status": "affected",
"version": "6.4.0",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-32572
2023-10-03 00:15:09
cvelist
cvelist
CVE-2023-32572 FlashArray pgroup Retention Lock SafeMode Protection
2023-10-02 23:09:04
prion
prion
Design/Logic Flaw
2023-10-03 00:15:00
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
5.1 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
16.0%
Related for CVE-2023-32572