A denial-of-service vulnerability has been identified in Pure Storage FlashArray due to improper input validation during the authentication process. This issue could lead to a system-wide denial-of-service condition.
Exploitation of this vulnerability can cause a system-wide denial-of-service, disrupting normal operations and availability of the affected service or application.
Affected customers can apply a self-service patch bundle or upgrade to an unaffected version of Purity. For FlashArray, the issue is resolved in Purity//FA versions 6.3.15 or later, 6.5.1 or later, and 6.6.1 or later. For FlashBlade, the vulnerability is fixed in Purity//FB versions 4.1.11 or later and 4.3.2 or later.
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
