Vulnerabilities > CVE-2023-36627 - Unspecified vulnerability in Purestorage Purity
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
NONE Integrity impact
NONE Availability impact
LOW Summary
A flaw exists in FlashBlade Purity whereby a user with access to an administrative account on a FlashBlade that is configured with timezone-dependent snapshot schedules can configure a timezone to prevent the schedule from functioning properly.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- https://support.purestorage.com/Pure_Storage_Technical_Services/Field_Bulletins/Security_Bulletins/Security_Bulletin_for_FlashBlade_Snapshot_Scheduler_CVE-2023-36627
- https://support.purestorage.com/Pure_Storage_Technical_Services/Field_Bulletins/Security_Bulletins/Security_Bulletin_for_FlashBlade_Snapshot_Scheduler_CVE-2023-36627