Denial of Service Risk in Pure Storage FlashArray Products
CVE-2025-0051

8.7HIGH

Key Information:

Vendor: Pure Storage
Status: Flasharray
Vendor: CVE Published:; 10 June 2025

🔔 Create Pure Storage Vulnerability Alert

What is CVE-2025-0051?

The vulnerability arises from inadequate input validation in the authentication process of Pure Storage FlashArray systems. This flaw could be exploited by an attacker to trigger a Denial of Service (DoS), potentially disrupting the availability of critical storage services. It highlights the importance of implementing robust input validation mechanisms to prevent unauthorized access and ensure system resilience.

Affected Version(s)

FlashArray Purity 5.0.0 <= 5.0.11

FlashArray Purity 5.1.1 <= 5.1.17

FlashArray Purity 5.2.0 <= 5.2.7

References

https://support.purestorage.com/bundle/m_security_bulleti...

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 10, 2025
Vulnerability Reserved
Dec 4, 2024