Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable to possibly exposed credentials for accessing the product’s management interface. The password may be known outside Pure Storage and could be used on an affected system, if reachable, to execute arbitrary instructions with root privileges. No other Pure Storage products or services are affected. Remediation is available from Pure Storage via a self-serve “opt-in” patch, manual patch application or a software upgrade to an unaffected version of Purity software.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Pure Storage FlashArray 和 FlashBlade 安全漏洞
Vulnerability Description
Pure Storage FlashArray和Pure Storage FlashBlade都是美国Pure Storage公司的产品。Pure Storage FlashArray是一种全 QLC 闪存存储阵列。Pure Storage FlashBlade是一个用于文件和对象工作负载的整合存储平台。 Pure Storage存在安全漏洞,该漏洞源于用于访问产品管理界面的可能暴露的凭据,该密码可能在 Pure Storage 之外是已知的,攻击者利用该漏洞可以在受影响的系统上使用以 root 权限执行
CVSS Information
N/A
Vulnerability Type
N/A