Design/Logic Flaw

2023-10-0223:15:00

PRIOn knowledge base

www.prio-n.com

flashblade

purity

flaw

snapshot schedules

timezone manipulation

3.9 Low

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.4%

JSON

A flaw exists in FlashBlade Purity whereby a user with access to an administrative account on a FlashBlade that is configured with timezone-dependent snapshot schedules can configure a timezone to prevent the schedule from functioning properly.

CPENameOperatorVersion
purityge4.1.0
purityle4.1.2
purityge4.0.0
purityle4.0.5
purityle3.3.7

Name	Operator	Version
purity	ge	4.1.0
purity	le	4.1.2
purity	ge	4.0.0
purity	le	4.0.5
purity	le	3.3.7

References

support.purestorage.com/Pure_Storage_Technical_Services/Field_Bulletins/Security_Bulletins/Security_Bulletin_for_FlashBlade_Snapshot_Scheduler_CVE-2023-36627