CVE-2025-0051

Summary

Improper input validation performed during the authentication process of FlashArray could lead to a system Denial of Service.

Affected Software

VendorProductVersion RangeStatus
Pure StorageFlashArray5.0.0 <= 5.0.11affected
Pure StorageFlashArray5.1.1 <= 5.1.17affected
Pure StorageFlashArray5.2.0 <= 5.2.7affected
Pure StorageFlashArray5.3.0 <= 5.3.21affected
Pure StorageFlashArray6.0.0 <= 6.0.9affected
Pure StorageFlashArray6.1.0 <= 6.1.25affected
Pure StorageFlashArray6.2.0 <= 6.2.17affected
Pure StorageFlashArray6.3.0 <= 6.3.20affected
Pure StorageFlashArray6.4.0 <= 6.4.10affected
Pure StorageFlashArray6.5.0 <= 6.5.9affected
Pure StorageFlashArray6.6.0 <= 6.6.11affected
Pure StorageFlashArray6.7.0 <= 6.7.1affected
Pure StorageFlashArray6.8.0 <= 6.8.2affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References