CVE-2023-28373

{"id": "CVE-2023-28373", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@purestorage.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 0.7}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.2}]}, "published": "2023-10-03T00:15:09.913", "references": [{"url": "https://support.purestorage.com/Employee_Handbooks/Technical_Services/PSIRT/Security_Bulletin_for_FlashArray_SafeMode_Immutable_Vulnerability_CVE-2023-28373", "tags": ["Vendor Advisory"], "source": "psirt@purestorage.com"}, {"url": "https://support.purestorage.com/Employee_Handbooks/Technical_Services/PSIRT/Security_Bulletin_for_FlashArray_SafeMode_Immutable_Vulnerability_CVE-2023-28373", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A flaw exists in FlashArray Purity whereby an array administrator by configuring an external key manager can affect the availability of data on the system including snapshots protected by SafeMode. \n"}, {"lang": "es", "value": "Existe una falla en FlashArray Purity por la cual un administrador de matriz, al configurar un administrador de claves externo, puede afectar la disponibilidad de los datos en el sistema, incluidas las instant\u00e1neas protegidas por SafeMode."}], "lastModified": "2024-11-21T07:54:56.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:purestorage:purity\\/\\/fa:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F59FAA6-8982-4800-A1C4-10F22D48EC8A", "versionEndIncluding": "6.1.22", "versionStartIncluding": "6.1.0"}, {"criteria": "cpe:2.3:a:purestorage:purity\\/\\/fa:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FFCC8E3-F18E-4013-AE72-7C2FBB9AAA73", "versionEndIncluding": "6.2.15", "versionStartIncluding": "6.2.0"}, {"criteria": "cpe:2.3:a:purestorage:purity\\/\\/fa:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C2DB4EF-77FB-43E8-B87B-D1B8173BB6EB", "versionEndIncluding": "6.3.6", "versionStartIncluding": "6.3.0"}, {"criteria": "cpe:2.3:a:purestorage:purity\\/\\/fa:6.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B9E8C5D-640F-42DB-8842-5D381EF9FF35"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@purestorage.com"}