Purestorage Flasharray vulnerabilities
6 known vulnerabilities affecting purestorage/flasharray.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH3MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-0002P2CRITICALCVSS 9.8≥ 5.3.17, ≤ 5.3.21≥ 6.1.8, ≤ 6.1.25+5 more2024-09-23
CVE-2024-0002 [CRITICAL] CWE-287 CVE-2024-0002: A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing
A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array.
nvd
CVE-2024-0005P3HIGHCVSS 8.8≥ 5.0.0, ≤ 5.0.11≥ 5.1.0, ≤ 5.1.17+9 more2024-09-23
CVE-2024-0005 [HIGH] CWE-77 CVE-2024-0005: A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitr
A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely through a specifically crafted SNMP configuration.
nvd
CVE-2024-3057P3CRITICALCVSS 9.8≥ 6.6.2, ≤ 6.6.52024-10-08
CVE-2024-3057 [CRITICAL] CWE-269 CVE-2024-3057: A flaw exists whereby a user can make a specific call to a FlashArray endpoint allowing privilege es
A flaw exists whereby a user can make a specific call to a FlashArray endpoint allowing privilege escalation.
nvd
CVE-2024-0004P3HIGHCVSS 7.2≥ 5.0.0, ≤ 5.0.11≥ 5.1.0, ≤ 5.1.17+8 more2024-09-23
CVE-2024-0004 [HIGH] CWE-94 CVE-2024-0004: A condition exists in FlashArray Purity whereby an user with array admin role can execute arbitrary
A condition exists in FlashArray Purity whereby an user with array admin role can execute arbitrary commands remotely to escalate privilege on the array.
nvd
CVE-2024-0003P3HIGHCVSS 7.2≥ 5.3.17, ≤ 5.3.21≥ 6.1.8, ≤ 6.1.25+5 more2024-09-23
CVE-2024-0003 [HIGH] CWE-269 CVE-2024-0003: A condition exists in FlashArray Purity whereby a malicious user could use a remote administrative s
A condition exists in FlashArray Purity whereby a malicious user could use a remote administrative service to create an account on the array allowing privileged access.
nvd
CVE-2026-0209P3MEDIUMCVSS 6.9≥ 5.0.0, ≤ 5.3.21≥ 6.0.0, ≤ 6.4.10+6 more2026-04-14
CVE-2026-0209 [MEDIUM] CWE-783 CVE-2026-0209: Under certain administrative conditions, FlashArray Purity may apply snapshot retention policies ear
Under certain administrative conditions, FlashArray Purity may apply snapshot retention policies earlier or later than configured.
nvd