Fa 6.3.0

CVSS 4.9 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

purestorage

NVD

Published: 2023-10-03

Updated: 2023-10-05

Summary

A flaw exists in FlashArray Purity wherein under limited circumstances, an array administrator can alter the retention lock of a pgroup and disable pgroup SafeMode protection.

Vulnerable Configurations

Part	Description	Count
Application	Purestorage Purestorage Purity//Fa * Purestorage Purity//Fa 6.3.0	2

References

https://https://support.purestorage.com/Pure_Storage_Technical_Services/Field_Bulletins/Security_Bulletins/Security_Bulletin_-_FlashArray_pgroup_Retention_Lock_SafeMode_Protection_CVE-2023-32572