51 matches found
CVE-2022-32552
CVE-2022-32552 affects Pure Storage FlashArray (Purity//FA) versions 5.2.x and prior through 6.2.3, and FlashBlade (Purity//FB) 3.0.x through 3.3.0. The root cause is a privilege-escalation vulnerability caused by manipulation of Python environment variables, which an authenticated user can explo...
CVE-2022-32553
Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...
CVE-2022-32553
CVE-2022-32553 affects Pure Storage FlashArray (Purity//FA) versions 5.2.x and prior up to 6.2.3, and FlashBlade (Purity//FB) up to 3.3.0; vulnerability is privilege escalation via manipulation of environment variables. A logged-in user can escape a restricted shell to an unrestricted shell with ...
Release Information for Everpure FlashArray Plug-In for Veeam Backup & Replication
This plug-in leverages the Veeam Universal Storage API, which enables storage OEMs to allow Veeam Backup & Replication integration to the arrays for backup and replication jobs. Requirements Before installing Everpure FlashArray Plug-In v2.2.331, ensure that you are running Veeam Backup &...
How to configure Veeam B&R to work with replicated volume snapshots on the target Pure Storage array
Replicated volume snapshots on the target Pure Storage array are not displayed in the storage system hierarchy in the Veeam Backup & Replication console...
Pure Storage Purity Cross-Site Scripting Vulnerability
Pure Storage Purity is a storage appliance from the American company Pure Storage. A cross-site scripting vulnerability exists in Pure Storage Purity version 4.7.5. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with the help of the 'host' parameter...
CVE-2017-7352
Stored Cross-site scripting XSS vulnerability in Pure Storage Purity 4.7.5 allows remote authenticated users to inject arbitrary web script or HTML via the "host" parameter on the 'System Configuration SNMP Add SNMP Trap Manager' screen...
Cross site scripting
Stored Cross-site scripting XSS vulnerability in Pure Storage Purity 4.7.5 allows remote authenticated users to inject arbitrary web script or HTML via the "host" parameter on the 'System Configuration SNMP Add SNMP Trap Manager' screen...
CVE-2017-7352
Stored Cross-site scripting XSS vulnerability in Pure Storage Purity 4.7.5 allows remote authenticated users to inject arbitrary web script or HTML via the "host" parameter on the 'System Configuration SNMP Add SNMP Trap Manager' screen...
CVE-2017-7352
The CVE-2017-7352 entry describes a Stored Cross-Site Scripting (XSS) vulnerability in Pure Storage Purity 4.7.5. The issue is triggered by the host parameter on the System > Configuration > SNMP > Add SNMP Trap Manager screen, allowing remote authenticated users to inject arbitrary web ...
blog.purestorage.com XSS vulnerability
Open Bug Bounty ID: OBB-152017 Description| Value ---|--- Affected Website:| blog.purestorage.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...