cbcvebase.

Purestorage Flasharray vulnerabilities

6 known vulnerabilities affecting purestorage/flasharray.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH3MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2024-0002P2CRITICALCVSS 9.8≥ 5.3.17, ≤ 5.3.21≥ 6.1.8, ≤ 6.1.25+5 more2024-09-23
CVE-2024-0002 [CRITICAL] CWE-287 CVE-2024-0002: A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array.
nvd
CVE-2024-0005P3HIGHCVSS 8.8≥ 5.0.0, ≤ 5.0.11≥ 5.1.0, ≤ 5.1.17+9 more2024-09-23
CVE-2024-0005 [HIGH] CWE-77 CVE-2024-0005: A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitr A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely through a specifically crafted SNMP configuration.
nvd
CVE-2024-3057P3CRITICALCVSS 9.8≥ 6.6.2, ≤ 6.6.52024-10-08
CVE-2024-3057 [CRITICAL] CWE-269 CVE-2024-3057: A flaw exists whereby a user can make a specific call to a FlashArray endpoint allowing privilege es A flaw exists whereby a user can make a specific call to a FlashArray endpoint allowing privilege escalation.
nvd
CVE-2024-0004P3HIGHCVSS 7.2≥ 5.0.0, ≤ 5.0.11≥ 5.1.0, ≤ 5.1.17+8 more2024-09-23
CVE-2024-0004 [HIGH] CWE-94 CVE-2024-0004: A condition exists in FlashArray Purity whereby an user with array admin role can execute arbitrary A condition exists in FlashArray Purity whereby an user with array admin role can execute arbitrary commands remotely to escalate privilege on the array.
nvd
CVE-2024-0003P3HIGHCVSS 7.2≥ 5.3.17, ≤ 5.3.21≥ 6.1.8, ≤ 6.1.25+5 more2024-09-23
CVE-2024-0003 [HIGH] CWE-269 CVE-2024-0003: A condition exists in FlashArray Purity whereby a malicious user could use a remote administrative s A condition exists in FlashArray Purity whereby a malicious user could use a remote administrative service to create an account on the array allowing privileged access.
nvd
CVE-2026-0209P3MEDIUMCVSS 6.9≥ 5.0.0, ≤ 5.3.21≥ 6.0.0, ≤ 6.4.10+6 more2026-04-14
CVE-2026-0209 [MEDIUM] CWE-783 CVE-2026-0209: Under certain administrative conditions, FlashArray Purity may apply snapshot retention policies ear Under certain administrative conditions, FlashArray Purity may apply snapshot retention policies earlier or later than configured.
nvd
Purestorage Flasharray vulnerabilities | cvebase