Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog Docs About Contact

flasharray vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3

CVE-2024-0001

A condition exists in FlashArray Purity whereby a local account intended for initial array configuration remains active potentially allowing a malicious actor to gain elevated privileges.
Purestorage Flasharray 6.3.0Purestorage Flasharray 6.4.0Pure Storage FlasharrayPurestorage Purity//fa
8.7
CVSSv4

CVE-2025-0051

Improper input validation performed during the authentication process of FlashArray could lead to a system Denial of Service.
Pure Storage Flasharray
5.1
CVSSv4

CVE-2025-2327

A flaw exists in FlashArray whereby the Key Encryption Key (KEK) is logged during key rotation when RDL is configured.
Pure Storage Flasharray
8.8
CVSSv3

CVE-2023-36628

A flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a FlashArray to gain root access through privilege escalation.
Pure Storage Flasharray PurityPurestorage Purity//fa
4.9
CVSSv3

CVE-2023-32572

A flaw exists in FlashArray Purity wherein under limited circumstances, an array administrator can alter the retention lock of a pgroup and disable pgroup SafeMode protection.
Pure Storage Flasharray PurityPurestorage Purity//fa
2.7
CVSSv3

CVE-2023-28373

A flaw exists in FlashArray Purity whereby an array administrator by configuring an external key manager can affect the availability of data on the system including snapshots protected by SafeMode.
Pure Storage Flasharray PurityPurestorage Purity//faPurestorage Purity//fa 6.4.0
9.8
CVSSv3

CVE-2024-3057

A flaw exists whereby a user can make a specific call to a FlashArray endpoint allowing privilege escalation.
9.8
CVSSv3

CVE-2024-0002

A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array.
Purestorage Purity//faPurestorage Purity//fa 6.5.0
8.8
CVSSv3

CVE-2024-0005

A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely through a specifically crafted SNMP configuration.
Purestorage Purity//faPurestorage Purity//fa 6.5.0Purestorage Purity//fa 6.6.0Purestorage Purity//fbPurestorage Purity//fb 4.3.0Purestorage Purity//fb 4.3.1
7.2
CVSSv3

CVE-2024-0004

A condition exists in FlashArray Purity whereby an user with array admin role can execute arbitrary commands remotely to escalate privilege on the array.
Purestorage Purity//faPurestorage Purity//fa 6.5.0
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
injectCVE-2025-51381IDORnvidiaCVE-2025-4123CVE-2025-2783CVE-2025-30678remote attackersCVE-2025-48443kcm3100CVE-2025-6196tarteaucitron.ioadrian ladóearch icon">CVE-2023-33538
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook