Purestorage Flasharray
6 CVEs affecting Purestorage Flasharray. Latest disclosed: 2026-04-14. Critical: 5, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-0002 | Critical | 10.0 | 2024-09-23 | A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array. |
CVE-2024-3057 | Critical | 9.8 | 2024-10-08 | A flaw exists whereby a user can make a specific call to a FlashArray endpoint allowing privilege escalation. |
CVE-2024-0005 | Critical | 9.1 | 2024-09-23 | A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely through a specifically crafted SNMP c… |
CVE-2024-0004 | Critical | 9.1 | 2024-09-23 | A condition exists in FlashArray Purity whereby an user with array admin role can execute arbitrary commands remotely to escalate privilege on the array. |
CVE-2024-0003 | Critical | 9.1 | 2024-09-23 | A condition exists in FlashArray Purity whereby a malicious user could use a remote administrative service to create an account on the array allowing privilege… |
CVE-2026-0209 | | 2026-04-14 | Under certain administrative conditions, FlashArray Purity may apply snapshot retention policies earlier or later than configured. |