Stored Cross-site scripting (XSS) vulnerability in Pure Storage Purity 4.7.5 allows remote authenticated users to inject arbitrary web script or HTML via the "host" parameter on the 'System > Configuration > SNMP > Add SNMP Trap Manager' screen.
5.4CVSS
5AI Score
0.001EPSS
A flaw exists in FlashBlade Purity (OE) Version 4.1.0 whereby a user with privileges to extend an objectโs retention period can affect the availability of the object lock.
6.5CVSS
3.9AI Score
0.001EPSS
A flaw exists in FlashBlade Purity whereby an authenticated user with access to FlashBladeโs object store protocol can impact the availability of the systemโs data access and replication protocols.
7.7CVSS
4.4AI Score
0.001EPSS
A flaw exists in FlashBlade Purity whereby a user with access to an administrative account on a FlashBlade that is configured with timezone-dependent snapshot schedules can configure a timezone to prevent the schedule from functioning properly.
7.7CVSS
3.9AI Score
0.001EPSS