157 matches found
Pure Storage FlashBlade Security Vulnerability
Pure Storage FlashBlade is a consolidated storage platform for file and object workloads from U.S.-based Pure Storage. A security vulnerability exists in FlashBlade Purity that arises from a user with access to an administrative account on a FlashBlade that is configured with a snapshot schedule...
Pure Storage FlashBlade Security Vulnerability
Pure Storage FlashBlade is a consolidated storage platform for file and object workloads from U.S.-based Pure Storage. A security vulnerability exists in FlashBlade Purity, which stems from a flaw in FlashBlade Purity that could affect the availability of the system's data access and replication...
PT-2023-23881 · Pure Storage · Flasharray Purity
Name of the Vulnerable Software and Affected Versions: FlashArray Purity affected versions not specified Description: A flaw exists in FlashArray Purity wherein under limited circumstances, an array administrator can alter the retention lock of a pgroup and disable pgroup SafeMode protection...
PT-2023-25641 · Pure Storage · Flashblade Purity
Name of the Vulnerable Software and Affected Versions: FlashBlade Purity affected versions not specified Description: A flaw exists in FlashBlade Purity whereby a user with access to an administrative account on a FlashBlade that is configured with timezone-dependent snapshot schedules can...
CVE-2023-2813 Multiple Themes - Reflected XSS
All of the above Aapna WordPress theme through 1.3, Anand WordPress theme through 1.2, Anfaust WordPress theme through 1.1, Arendelle WordPress theme before 1.1.13, Atlast Business WordPress theme through 1.5.8.5, Bazaar Lite WordPress theme before 1.8.6, Brain Power WordPress theme through 1.2,...
CVE-2022-32552
Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...
CVE-2022-32554
Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...
CVE-2022-32553
Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...
CVE-2022-32554
Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...
CVE-2022-32553
Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...
CVE-2022-32552
Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...
Design/Logic Flaw
Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...
Privilege escalation
Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...
CVE-2022-32554
CVE-2022-32554 affects Pure Storage FlashArray (Purity//FA) and FlashBlade (Purity//FB) releases prior to patches: FA 6.2.0–6.2.3, 6.1.0–6.1.12, 6.0.0–6.0.8, 5.3.0–5.3.17, 5.2.x and earlier; FB 3.3.0, 3.2.0–3.2.4, 3.1.0–3.1.12, 3.0.x and earlier. The issue allows possibly exposed credentials to a...
CVE-2022-32552
CVE-2022-32552 affects Pure Storage FlashArray (Purity//FA) versions 5.2.x and prior through 6.2.3, and FlashBlade (Purity//FB) 3.0.x through 3.3.0. The root cause is a privilege-escalation vulnerability caused by manipulation of Python environment variables, which an authenticated user can explo...
CVE-2022-32553
CVE-2022-32553 affects Pure Storage FlashArray (Purity//FA) versions 5.2.x and prior up to 6.2.3, and FlashBlade (Purity//FB) up to 3.3.0; vulnerability is privilege escalation via manipulation of environment variables. A logged-in user can escape a restricted shell to an unrestricted shell with ...
purity-through-fire.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-958707 Security Researcher Gh05tPT Helped patch 6892 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting purity-through-fire.com...
Pure Storage Purity Cross-Site Scripting Vulnerability
Pure Storage Purity is a storage appliance from the American company Pure Storage. A cross-site scripting vulnerability exists in Pure Storage Purity version 4.7.5. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with the help of the 'host' parameter...
CVE-2017-7352
Stored Cross-site scripting XSS vulnerability in Pure Storage Purity 4.7.5 allows remote authenticated users to inject arbitrary web script or HTML via the "host" parameter on the 'System Configuration SNMP Add SNMP Trap Manager' screen...
Cross site scripting
Stored Cross-site scripting XSS vulnerability in Pure Storage Purity 4.7.5 allows remote authenticated users to inject arbitrary web script or HTML via the "host" parameter on the 'System Configuration SNMP Add SNMP Trap Manager' screen...