nvd-json-data-feeds/CVE-2023/CVE-2023-310xx/CVE-2023-31042.json

{
  "id": "CVE-2023-31042",
  "sourceIdentifier": "psirt@purestorage.com",
  "published": "2023-10-02T23:15:12.397",
  "lastModified": "2023-10-05T15:46:26.893",
  "vulnStatus": "Analyzed",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw exists in FlashBlade Purity whereby an authenticated user with access to FlashBlade\u2019s object store protocol can impact the availability of the system\u2019s data access and replication protocols. \n\n"
    },
    {
      "lang": "es",
      "value": "Existe una falla en FlashBlade Purity por la cual un usuario autenticado con acceso al protocolo de almacenamiento de objetos de FlashBlade puede afectar la disponibilidad de los protocolos de replicaci\u00f3n y acceso a datos del sistema."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "LOW",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4
      },
      {
        "source": "psirt@purestorage.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "CHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH",
          "baseScore": 7.7,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 4.0
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:purestorage:purity:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "3.3.6",
              "matchCriteriaId": "0CAD37B1-C5AC-4CD5-98DB-9D71FDA4436A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:purestorage:purity:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "4.0.0",
              "versionEndIncluding": "4.0.4",
              "matchCriteriaId": "5A110562-3372-4131-9D8E-8CEA1522BF76"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:purestorage:purity:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "4.1.0",
              "versionEndIncluding": "4.1.1",
              "matchCriteriaId": "D9DDCB7D-6ADD-4C60-9B4B-1FC08832ECC4"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://support.purestorage.com/Employee_Handbooks/Technical_Services/PSIRT/Security_Bulletin_for_FlashBlade_Object_Store_Protocol_CVE-2023-31042",
      "source": "psirt@purestorage.com",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}
Auto-Update: 2023-10-02T23:55:24.052218+00:00 2023-10-02 23:55:27 +00:00			`{`
			`"id": "CVE-2023-31042",`
			`"sourceIdentifier": "psirt@purestorage.com",`
			`"published": "2023-10-02T23:15:12.397",`
Auto-Update: 2023-10-05T16:00:26.322119+00:00 2023-10-05 16:00:30 +00:00			`"lastModified": "2023-10-05T15:46:26.893",`
			`"vulnStatus": "Analyzed",`
Auto-Update: 2024-07-14T02:00:17.787041+00:00 2024-07-14 02:06:08 +00:00			`"cveTags": [],`
Auto-Update: 2023-10-02T23:55:24.052218+00:00 2023-10-02 23:55:27 +00:00			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "A flaw exists in FlashBlade Purity whereby an authenticated user with access to FlashBlade\u2019s object store protocol can impact the availability of the system\u2019s data access and replication protocols. \n\n"`
Auto-Update: 2023-10-03T14:00:25.272763+00:00 2023-10-03 14:00:28 +00:00			`},`
			`{`
			`"lang": "es",`
			`"value": "Existe una falla en FlashBlade Purity por la cual un usuario autenticado con acceso al protocolo de almacenamiento de objetos de FlashBlade puede afectar la disponibilidad de los protocolos de replicaci\u00f3n y acceso a datos del sistema."`
Auto-Update: 2023-10-02T23:55:24.052218+00:00 2023-10-02 23:55:27 +00:00			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
Auto-Update: 2023-10-05T16:00:26.322119+00:00 2023-10-05 16:00:30 +00:00			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",`
			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "LOW",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "NONE",`
			`"integrityImpact": "NONE",`
			`"availabilityImpact": "LOW",`
			`"baseScore": 4.3,`
			`"baseSeverity": "MEDIUM"`
			`},`
			`"exploitabilityScore": 2.8,`
			`"impactScore": 1.4`
			`},`
Auto-Update: 2023-10-02T23:55:24.052218+00:00 2023-10-02 23:55:27 +00:00			`{`
			`"source": "psirt@purestorage.com",`
			`"type": "Secondary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",`
			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "LOW",`
			`"userInteraction": "NONE",`
			`"scope": "CHANGED",`
			`"confidentialityImpact": "NONE",`
			`"integrityImpact": "NONE",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 7.7,`
			`"baseSeverity": "HIGH"`
			`},`
			`"exploitabilityScore": 3.1,`
			`"impactScore": 4.0`
			`}`
			`]`
			`},`
Auto-Update: 2023-10-05T16:00:26.322119+00:00 2023-10-05 16:00:30 +00:00			`"weaknesses": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "NVD-CWE-noinfo"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:purestorage:purity::::::::",`
			`"versionEndIncluding": "3.3.6",`
			`"matchCriteriaId": "0CAD37B1-C5AC-4CD5-98DB-9D71FDA4436A"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:purestorage:purity::::::::",`
			`"versionStartIncluding": "4.0.0",`
			`"versionEndIncluding": "4.0.4",`
			`"matchCriteriaId": "5A110562-3372-4131-9D8E-8CEA1522BF76"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:purestorage:purity::::::::",`
			`"versionStartIncluding": "4.1.0",`
			`"versionEndIncluding": "4.1.1",`
			`"matchCriteriaId": "D9DDCB7D-6ADD-4C60-9B4B-1FC08832ECC4"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
Auto-Update: 2023-10-02T23:55:24.052218+00:00 2023-10-02 23:55:27 +00:00			`"references": [`
			`{`
			`"url": "https://support.purestorage.com/Employee_Handbooks/Technical_Services/PSIRT/Security_Bulletin_for_FlashBlade_Object_Store_Protocol_CVE-2023-31042",`
Auto-Update: 2023-10-05T16:00:26.322119+00:00 2023-10-05 16:00:30 +00:00			`"source": "psirt@purestorage.com",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
Auto-Update: 2023-10-02T23:55:24.052218+00:00 2023-10-02 23:55:27 +00:00			`}`
			`]`
			`}`