Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-28373: Security Bulletin for FlashArray SafeMode Immutable Vulnerability CVE-2023-28373

A flaw exists in FlashArray Purity whereby an array administrator by configuring an external key manager can affect the availability of data on the system including snapshots protected by SafeMode.

CVE
Open in Source
#vulnerability#mac#pdf

  1. Last updated

  2. Save as PDF

****Summary** **

A flaw exists whereby an array administrator by configuring an external key manager can affect the availability of data on the system including snapshots protected by SafeMode. Pure Storage has (Reserved) CVE-2023-28373 in response to this issue.

Base CVSS 3.1 Score

Severity

Vector

4.4

Medium

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

****Corrective Action****

  • This issue is present in FlashArray Purity (OE) versions 6.1.22 and prior, 6.2.15 and prior, 6.3.6 and prior, 6.4.0 and prior
  • This issue is resolved in //FlashArray Purity (OE) versions 6.1.23, 6.2.16, 6.3.7, 6.4.1

****Acknowledgements/ References****

  • Pure Storage thanks the Mountain America Credit Union (MACU) team for reporting this issue.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE