122 matches found
CVE-2025-2327
A flaw exists in FlashArray whereby the Key Encryption Key KEK is logged during key rotation when RDL is configured...
CVE-2025-2327
A flaw exists in FlashArray whereby the Key Encryption Key KEK is logged during key rotation when RDL is configured...
CVE-2025-2327 FlashArray KEK Logging Vulnerability
A flaw exists in FlashArray whereby the Key Encryption Key KEK is logged during key rotation when RDL is configured...
CVE-2025-2327 FlashArray KEK Logging Vulnerability
A flaw exists in FlashArray whereby the Key Encryption Key KEK is logged during key rotation when RDL is configured...
CVE-2025-2327
CVE-2025-2327 affects Pure Storage FlashArray. A KEK is logged during key rotation when RDL is configured, potentially enabling information disclosure of KEKs. Documented impact is limited to what is stated; exploitation details are not provided in the supplied materials. Some connected sources n...
PT-2025-25571 · Pure Storage · Pure Storage Flasharray
Name of the Vulnerable Software and Affected Versions: Pure Storage FlashArray affected versions not specified Description: A flaw exists in FlashArray whereby the Key Encryption Key KEK is logged during key rotation when RDL is configured. Recommendations: At the moment, there is no information...
Pure Storage FlashArray 安全漏洞
Pure Storage FlashArray is an all QLC flash storage array from Pure Storage, Inc. A security vulnerability exists in Pure Storage FlashArray that originates from logging key encryption keys during key rotation, which could lead to information disclosure...
CVE-2025-0051 FlashArray DOS Vulnerability
Improper input validation performed during the authentication process of FlashArray could lead to a system Denial of Service...
CVE-2025-0051
CVE-2025-0051 describes an issue in Pure Storage FlashArray where improper input validation during authentication can cause a Denial of Service. The connected documents identify the affected product (FlashArray) and the root cause (input validation during authentication) with the impact being DoS...
CVE-2025-0051 FlashArray DOS Vulnerability
Improper input validation performed during the authentication process of FlashArray could lead to a system Denial of Service...
PT-2025-24893 · Pure Storage · Pure Storage Flasharray
Name of the Vulnerable Software and Affected Versions: Pure Storage FlashArray affected versions not specified Description: The issue is related to improper input validation during the authentication process, which could lead to a system Denial of Service. Recommendations: At the moment, there is...
Pure Storage FlashArray 输入验证错误漏洞
Pure Storage FlashArray is an all QLC flash storage array from Pure Storage, Inc. A security vulnerability exists in Pure Storage FlashArray that originates from improper input validation during the authentication process, which could result in a system denial of service...
CVE-2023-28373
A flaw exists in FlashArray Purity whereby an array administrator by configuring an external key manager can affect the availability of data on the system including snapshots protected by SafeMode...
CVE-2023-32572
A flaw exists in FlashArray Purity wherein under limited circumstances, an array administrator can alter the retention lock of a pgroup and disable pgroup SafeMode protection...
CVE-2023-36628
A flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a FlashArray to gain root access through privilege escalation...
CVE-2022-32552
Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable t...
CVE-2024-3057
A flaw exists whereby a user can make a specific call to a FlashArray endpoint allowing privilege escalation...
CVE-2024-0003
A condition exists in FlashArray Purity whereby a malicious user could use a remote administrative service to create an account on the array allowing privileged access...
CVE-2024-0005
A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely through a specifically crafted SNMP configuration...
CVE-2024-0001
A condition exists in FlashArray Purity whereby a local account intended for initial array configuration remains active potentially allowing a malicious actor to gain elevated privileges...