CVE-2023-28373

Summary

A flaw exists in FlashArray Purity whereby an array administrator by configuring an external key manager can affect the availability of data on the system including snapshots protected by SafeMode.

Affected Software

VendorProductVersion RangeStatus
Pure StorageFlashArray Purity6.1.0 <= 6.1.22affected
Pure StorageFlashArray Purity6.2.0 <= 6.2.15affected
Pure StorageFlashArray Purity6.3.0 <= 6.3.6affected
Pure StorageFlashArray Purity6.4.0affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References