Improper Input Validation in FlashBlade by Pure Storage
CVE-2025-0052

8.3HIGH

Key Information:

Vendor: Pure Storage
Status: Flashblade
Vendor: CVE Published:; 10 June 2025

🔔 Create Pure Storage Vulnerability Alert

What is CVE-2025-0052?

An improper input validation vulnerability exists in FlashBlade, allowing attackers to exploit the authentication process, potentially leading to a system Denial of Service (DoS). This issue could be leveraged to disrupt normal operations and affect system availability.

Affected Version(s)

FlashBlade Purity 3.3.0 <= 3.3.11

FlashBlade Purity 4.0.0 <= 4.0.6

FlashBlade Purity 4.1.0 <= 4.1.20

References

https://support.purestorage.com/bundle/m_security_bulleti...

CVSS V4

Score:

8.3

Severity:

HIGH

Confidentiality:

None

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 10, 2025
Vulnerability Reserved
Dec 4, 2024