CVE-2025-0052

Summary

Improper input validation performed during the authentication process of FlashBlade could lead to a system Denial of Service.

Affected Software

VendorProductVersion RangeStatus
Pure StorageFlashBlade3.3.0 <= 3.3.11affected
Pure StorageFlashBlade4.0.0 <= 4.0.6affected
Pure StorageFlashBlade4.1.0 <= 4.1.20affected
Pure StorageFlashBlade4.2.0 <= 4.2.3affected
Pure StorageFlashBlade4.3.0 <= 4.3.12affected
Pure StorageFlashBlade4.4.0 <= 4.4.6affected
Pure StorageFlashBlade4.5.0 <= 4.5.2affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References