Skip to main content
Pure Technical Services

Security Bulletin for FlashBlade Object Store Privileged Access Vulnerability CVE-2023-28372

Currently viewing public documentation. Please login to access the full scope of documentation.



A flaw exists whereby a user with privileges to extend an object’s retention period can  affect the availability of the object lock

Base CVSS 3.1 Score Severity  Vector 
6.5 Medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H


Corrective ActionEdit section

  • This issue is present in FlashBlade Purity (OE) version 4.1.0.
  • This issue is first resolved starting in FlashBlade Purity (OE) version 4.1.1. or later