Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

purity

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

5
Related CVEsRelated VendorsRelated AssignersReports
5Vulnerabilities found
CVE-2023-36627
Assigner-Pure Storage, Inc.
ShareView Details
Assigner-Pure Storage, Inc.
CVSS Score-7.7||HIGH
EPSS-0.04% / 9.97%
||
7 Day CHG~0.00%
Published-02 Oct, 2023 | 22:47
Updated-23 Sep, 2024 | 13:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FlashBlade Snapshot Scheduler

A flaw exists in FlashBlade Purity whereby a user with access to an administrative account on a FlashBlade that is configured with timezone-dependent snapshot schedules can configure a timezone to prevent the schedule from functioning properly.

Action-Not Available
Vendor-purestoragePure Storage
Product-purityFlashBlade Purity
CVE-2023-31042
Assigner-Pure Storage, Inc.
ShareView Details
Assigner-Pure Storage, Inc.
CVSS Score-7.7||HIGH
EPSS-0.06% / 17.34%
||
7 Day CHG~0.00%
Published-02 Oct, 2023 | 22:39
Updated-23 Sep, 2024 | 13:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FlashBlade Object Store Protocol

A flaw exists in FlashBlade Purity whereby an authenticated user with access to FlashBlade’s object store protocol can impact the availability of the system’s data access and replication protocols.

Action-Not Available
Vendor-purestoragePure Storage
Product-purityFlashBlade Purity
CVE-2023-28372
Assigner-Pure Storage, Inc.
ShareView Details
Assigner-Pure Storage, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 7.17%
||
7 Day CHG~0.00%
Published-02 Oct, 2023 | 22:20
Updated-20 Sep, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FlashBlade Object Store Privileged Access

A flaw exists in FlashBlade Purity (OE) Version 4.1.0 whereby a user with privileges to extend an object’s retention period can affect the availability of the object lock.

Action-Not Available
Vendor-purestoragePure Storage
Product-purityFlashBlade
CWE ID-CWE-284
Improper Access Control
CVE-2017-7352
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.15% / 36.17%
||
7 Day CHG~0.00%
Published-11 Oct, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stored Cross-site scripting (XSS) vulnerability in Pure Storage Purity 4.7.5 allows remote authenticated users to inject arbitrary web script or HTML via the "host" parameter on the 'System > Configuration > SNMP > Add SNMP Trap Manager' screen.

Action-Not Available
Vendor-purestoragen/a
Product-purityn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2002-1124
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.14% / 35.49%
||
7 Day CHG~0.00%
Published-17 Sep, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in purity 1-16 allow local users to gain privileges and modify high scores tables.

Action-Not Available
Vendor-purityn/a
Product-purityn/a