Lucene search
HistoryOct 02, 2023 - 11:15 p.m.
CVE-2023-36627
flashblade
purity
admin
timezone
schedules
CVSS3
2.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
EPSS
0.001
Percentile
21.8%
A flaw exists in FlashBlade Purity whereby a user with access to an administrative account on a FlashBlade that is configured with timezone-dependent snapshot schedules can configure a timezone to prevent the schedule from functioning properly.
Affected configurations
Node
purestoragepurityRange≤3.3.7
ORpurestoragepurityRange4.0.0–4.0.5
ORpurestoragepurityRange4.1.0–4.1.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| purestorage | purity | * | cpe:2.3:a:purestorage:purity:*:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2023-10-02 23:15:00
vulnrichment
vulnrichment
CVE-2023-36627 FlashBlade Snapshot Scheduler
2023-10-02 22:47:12
cvelist
cvelist
CVE-2023-36627 FlashBlade Snapshot Scheduler
2023-10-02 22:47:12
cve
cve
CVE-2023-36627
2023-10-02 23:15:12
CVSS3
2.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
EPSS
0.001
Percentile
21.8%
Related for NVD:CVE-2023-36627