Flasharray
Monthly
Privilege escalation in the Pure Storage FlashArray Purity management interface allows an authenticated low-privileged user to invoke functionality reserved for higher-privileged roles, yielding high confidentiality and integrity impact on managed storage. The CVSS 4.0 score of 8.6 reflects network reach with only low privileges required and no user interaction, though no public exploit identified at time of analysis and SSVC marks exploitation status as none.
Information disclosure in Pure Storage FlashArray Purity (versions 6.5.0-6.5.8 and 6.10.0-6.10.5) allows an authenticated low-privileged user to retrieve sensitive data via insufficiently filtered data paths. The flaw carries a CVSS 4.0 score of 8.7 with high confidentiality, integrity, and availability impact, but SSVC indicates no public exploitation and the attack is not automatable. No public exploit has been identified at the time of analysis.
Privilege escalation in the Pure Storage FlashArray Purity management interface allows an authenticated low-privileged user to invoke functionality reserved for higher-privileged roles, yielding high confidentiality and integrity impact on managed storage. The CVSS 4.0 score of 8.6 reflects network reach with only low privileges required and no user interaction, though no public exploit identified at time of analysis and SSVC marks exploitation status as none.
Information disclosure in Pure Storage FlashArray Purity (versions 6.5.0-6.5.8 and 6.10.0-6.10.5) allows an authenticated low-privileged user to retrieve sensitive data via insufficiently filtered data paths. The flaw carries a CVSS 4.0 score of 8.7 with high confidentiality, integrity, and availability impact, but SSVC indicates no public exploitation and the attack is not automatable. No public exploit has been identified at the time of analysis.