Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog Docs About Contact

pure storage vulnerabilities and exploits

(subscribe to this query)
8.7
CVSSv4

CVE-2025-0051

Improper input validation performed during the authentication process of FlashArray could lead to a system Denial of Service.
Pure Storage Flasharray
8.3
CVSSv4

CVE-2025-0052

Improper input validation performed during the authentication process of FlashBlade could lead to a system Denial of Service.
Pure Storage Flashblade
5.1
CVSSv4

CVE-2025-2327

A flaw exists in FlashArray whereby the Key Encryption Key (KEK) is logged during key rotation when RDL is configured.
Pure Storage Flasharray
8.4
CVSSv4

CVE-2025-1308

A vulnerability exists in PX Backup whereby sensitive information may be logged under specific conditions.
Pure Storage Px Backup
2.7
CVSSv3

CVE-2023-28372

A flaw exists in FlashBlade Purity (OE) Version 4.1.0 whereby a user with privileges to extend an object’s retention period can affect the availability of the object lock.
Pure Storage FlashbladePurestorage Purity
2.7
CVSSv3

CVE-2023-36627

A flaw exists in FlashBlade Purity whereby a user with access to an administrative account on a FlashBlade that is configured with timezone-dependent snapshot schedules can configure a timezone to prevent the schedule from functioning properly.
Pure Storage Flashblade PurityPurestorage Purity
4.3
CVSSv3

CVE-2023-31042

A flaw exists in FlashBlade Purity whereby an authenticated user with access to FlashBlade’s object store protocol can impact the availability of the system’s data access and replication protocols.
Pure Storage Flashblade PurityPurestorage Purity
8.8
CVSSv3

CVE-2023-36628

A flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a FlashArray to gain root access through privilege escalation.
Pure Storage Flasharray PurityPurestorage Purity//fa
4.9
CVSSv3

CVE-2023-32572

A flaw exists in FlashArray Purity wherein under limited circumstances, an array administrator can alter the retention lock of a pgroup and disable pgroup SafeMode protection.
Pure Storage Flasharray PurityPurestorage Purity//fa
9.8
CVSSv3

CVE-2024-0001

A condition exists in FlashArray Purity whereby a local account intended for initial array configuration remains active potentially allowing a malicious actor to gain elevated privileges.
Purestorage Flasharray 6.3.0Purestorage Flasharray 6.4.0Pure Storage FlasharrayPurestorage Purity//fa
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
injectCVE-2025-51381IDORnvidiaCVE-2025-4123CVE-2025-2783CVE-2025-30678remote attackersCVE-2025-48443kcm3100CVE-2025-6196tarteaucitron.ioadrian ladóearch icon">CVE-2023-33538
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook