7.7
CVE-2023-31042
- EPSS 0.49%
- Veröffentlicht 02.10.2023 23:15:12
- Zuletzt bearbeitet 21.11.2024 08:01:18
- Quelle psirt@purestorage.com
- CVE-Watchlists
- Unerledigt
LoginFlashBlade Object Store Protocol
A flaw exists in FlashBlade Purity whereby an authenticated user with access to FlashBlade’s object store protocol can impact the availability of the system’s data access and replication protocols.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Purestorage ≫ Purity Version <= 3.3.6
Purestorage ≫ Purity Version >= 4.0.0 <= 4.0.4
Purestorage ≫ Purity Version >= 4.1.0 <= 4.1.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.49% | 0.384 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
|
| psirt@purestorage.com | 7.7 | 3.1 | 4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
|
https://support.purestorage.com/Employee_Handbooks/Technical_Services/PSIRT/Security_Bulletin_for_FlashBlade_Object_Store_Protocol_CVE-2023-31042