Lucene search
HistoryOct 02, 2023 - 11:15 p.m.
CVE-2023-28372
cve-2023-28372
flashblade
purity (oe)
object retention
availability
CVSS3
2.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
EPSS
0.001
Percentile
21.8%
A flaw exists in FlashBlade Purity (OE) Version 4.1.0 whereby a user with privileges to extend an object’s retention period can affect the availability of the object lock.
Affected configurations
Node
purestoragepurityRange≤4.1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| purestorage | purity | * | cpe:2.3:a:purestorage:purity:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2023-28372 FlashBlade Object Store Privileged Access
2023-10-02 22:20:21
cve
cve
CVE-2023-28372
2023-10-02 23:15:12
vulnrichment
vulnrichment
CVE-2023-28372 FlashBlade Object Store Privileged Access
2023-10-02 22:20:21
prion
prion
Design/Logic Flaw
2023-10-02 23:15:00
CVSS3
2.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
EPSS
0.001
Percentile
21.8%
Related for NVD:CVE-2023-28372