Lucene search
K

157 matches found

CNNVD
CNNVD
added 2023/10/02 12:0 a.m.4 views

Pure Storage FlashBlade Security Vulnerability

Pure Storage FlashBlade is a consolidated storage platform for file and object workloads from U.S.-based Pure Storage. A security vulnerability exists in FlashBlade Purity that arises from a user with access to an administrative account on a FlashBlade that is configured with a snapshot schedule...

7.7CVSS6.7AI score0.00489EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/10/02 12:0 a.m.6 views

Pure Storage FlashBlade Security Vulnerability

Pure Storage FlashBlade is a consolidated storage platform for file and object workloads from U.S.-based Pure Storage. A security vulnerability exists in FlashBlade Purity, which stems from a flaw in FlashBlade Purity that could affect the availability of the system's data access and replication...

7.7CVSS6.7AI score0.00493EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/10/02 12:0 a.m.4 views

PT-2023-23881 · Pure Storage · Flasharray Purity

Name of the Vulnerable Software and Affected Versions: FlashArray Purity affected versions not specified Description: A flaw exists in FlashArray Purity wherein under limited circumstances, an array administrator can alter the retention lock of a pgroup and disable pgroup SafeMode protection...

6.5CVSS6.8AI score0.00398EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/10/02 12:0 a.m.3 views

PT-2023-25641 · Pure Storage · Flashblade Purity

Name of the Vulnerable Software and Affected Versions: FlashBlade Purity affected versions not specified Description: A flaw exists in FlashBlade Purity whereby a user with access to an administrative account on a FlashBlade that is configured with timezone-dependent snapshot schedules can...

7.7CVSS3.4AI score0.00489EPSS
Exploits0References5
Cvelist
Cvelist
added 2023/09/04 11:27 a.m.42 views

CVE-2023-2813 Multiple Themes - Reflected XSS

All of the above Aapna WordPress theme through 1.3, Anand WordPress theme through 1.2, Anfaust WordPress theme through 1.1, Arendelle WordPress theme before 1.1.13, Atlast Business WordPress theme through 1.5.8.5, Bazaar Lite WordPress theme before 1.8.6, Brain Power WordPress theme through 1.2,...

6.2AI score0.00972EPSS
Exploits2References1
OSV
OSV
added 2022/06/23 5:15 p.m.3 views

CVE-2022-32552

Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...

8.8CVSS5.8AI score0.01072EPSS
Exploits0References1
OSV
OSV
added 2022/06/23 5:15 p.m.4 views

CVE-2022-32554

Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...

9.8CVSS7.5AI score0.01204EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/23 5:15 p.m.1 views

CVE-2022-32553

Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...

9CVSS7.2AI score0.01072EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/06/23 5:15 p.m.4 views

CVE-2022-32554

Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...

10CVSS7.5AI score0.01204EPSS
Exploits0References2
NVD
NVD
added 2022/06/23 5:15 p.m.9 views

CVE-2022-32553

Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...

9CVSS0.01072EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/23 5:15 p.m.4 views

CVE-2022-32552

Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...

9CVSS7.2AI score0.01072EPSS
Exploits0References2
Prion
Prion
added 2022/06/23 5:15 p.m.20 views

Design/Logic Flaw

Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...

10CVSS9.7AI score0.01204EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2022/06/23 5:15 p.m.18 views

Privilege escalation

Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...

9CVSS8.9AI score0.01072EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2022/06/22 2:25 p.m.72 views

CVE-2022-32554

CVE-2022-32554 affects Pure Storage FlashArray (Purity//FA) and FlashBlade (Purity//FB) releases prior to patches: FA 6.2.0–6.2.3, 6.1.0–6.1.12, 6.0.0–6.0.8, 5.3.0–5.3.17, 5.2.x and earlier; FB 3.3.0, 3.2.0–3.2.4, 3.1.0–3.1.12, 3.0.x and earlier. The issue allows possibly exposed credentials to a...

10CVSS9.7AI score0.01204EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/06/22 2:22 p.m.69 views

CVE-2022-32552

CVE-2022-32552 affects Pure Storage FlashArray (Purity//FA) versions 5.2.x and prior through 6.2.3, and FlashBlade (Purity//FB) 3.0.x through 3.3.0. The root cause is a privilege-escalation vulnerability caused by manipulation of Python environment variables, which an authenticated user can explo...

9CVSS8.8AI score0.01072EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/06/22 2:7 p.m.66 views

CVE-2022-32553

CVE-2022-32553 affects Pure Storage FlashArray (Purity//FA) versions 5.2.x and prior up to 6.2.3, and FlashBlade (Purity//FB) up to 3.3.0; vulnerability is privilege escalation via manipulation of environment variables. A logged-in user can escape a restricted shell to an unrestricted shell with ...

9CVSS8.8AI score0.01072EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2019/09/08 1:53 p.m.13 views

purity-through-fire.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-958707 Security Researcher Gh05tPT Helped patch 6892 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting purity-through-fire.com...

Exploits0
CNVD
CNVD
added 2017/10/16 12:0 a.m.5 views

Pure Storage Purity Cross-Site Scripting Vulnerability

Pure Storage Purity is a storage appliance from the American company Pure Storage. A cross-site scripting vulnerability exists in Pure Storage Purity version 4.7.5. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with the help of the 'host' parameter...

5.4CVSS5.3AI score0.00595EPSS
Exploits1References1
NVD
NVD
added 2017/10/11 6:29 a.m.12 views

CVE-2017-7352

Stored Cross-site scripting XSS vulnerability in Pure Storage Purity 4.7.5 allows remote authenticated users to inject arbitrary web script or HTML via the "host" parameter on the 'System Configuration SNMP Add SNMP Trap Manager' screen...

5.4CVSS5.1AI score0.00595EPSS
Exploits1References1
Prion
Prion
added 2017/10/11 6:29 a.m.12 views

Cross site scripting

Stored Cross-site scripting XSS vulnerability in Pure Storage Purity 4.7.5 allows remote authenticated users to inject arbitrary web script or HTML via the "host" parameter on the 'System Configuration SNMP Add SNMP Trap Manager' screen...

3.5CVSS5AI score0.00595EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder