CVE-2025-9127

Summary

A vulnerability exists in PX Enterprise whereby sensitive information may be logged under specific conditions.

Affected Software

VendorProductVersion RangeStatus
Pure StoragePX Enterprise3.3.0, 3.3.1, 3.3.1.1, 3.3.1.2affected
Pure StoragePX Enterprise3.2.0, 3.2.1, 3.2.2, 3.2.3affected
Pure StoragePX Enterprise3.1.1 <= 3.1.8affected
Pure StoragePX Enterprise2.13.12affected

Weaknesses

  • CWE-116: CWE-116 Improper Encoding or Escaping of Output

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References