CVE-2023-4976 - Vulnerability Details - OpenCVE

A flaw exists in FlashBlade whereby a local account is permitted to authenticate to the management interface using an unintended method that allows an attacker to gain privileged access to the array.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact total

Vendors	Products
Purestorage	Flashblade

No data.

No data.

References

Link	Providers
https://purestorage.com/security
https://www.purestorage.com/security

History

Thu, 10 Apr 2025 15:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Purestorage Purestorage flashblade
CPEs		cpe:2.3:a:purestorage:flashblade::::::::
Vendors & Products		Purestorage Purestorage flashblade
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Thu, 10 Apr 2025 14:30:00 +0000

Type	Values Removed	Values Added
Description	A flaw exists in Purity//FB whereby a local account is permitted to authenticate to the management interface using an unintended method that allows an attacker to gain privileged access to the array.	A flaw exists in FlashBlade whereby a local account is permitted to authenticate to the management interface using an unintended method that allows an attacker to gain privileged access to the array.
References		https://www.purestorage.com/security

MITRE

Status: PUBLISHED

Assigner: PureStorage

Published: 2024-07-17T15:25:58.472Z

Updated: 2025-04-10T14:18:03.534Z

Reserved: 2023-09-14T20:57:21.683Z

Link: CVE-2023-4976

Vulnrichment

Updated: 2024-08-02T07:44:53.148Z

NVD

Status : Awaiting Analysis

Published: 2024-07-17T16:15:03.233

Modified: 2025-04-10T15:16:01.880

Link: CVE-2023-4976

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-4976", "assignerOrgId": "3895c224-4e1d-482a-adb3-fa64795683ac", "state": "PUBLISHED", "assignerShortName": "PureStorage", "dateReserved": "2023-09-14T20:57:21.683Z", "datePublished": "2024-07-17T15:25:58.472Z", "dateUpdated": "2025-04-10T14:18:03.534Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Purity//FB"], "product": "FlashBlade", "vendor": "PureStorage", "versions": [{"lessThanOrEqual": "3.3.10", "status": "affected", "version": "3.3.5", "versionType": "custom"}, {"lessThanOrEqual": "4.0.6", "status": "affected", "version": "4.0.4", "versionType": "custom"}, {"lessThanOrEqual": "4.1.8", "status": "affected", "version": "4.1.0", "versionType": "custom"}, {"lessThanOrEqual": "4.2.2", "status": "affected", "version": "4.2.0", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: transparent;\">A flaw exists in FlashBlade whereby a local account is permitted to authenticate to the management interface using an unintended method that allows an attacker to gain privileged access to the array.</span><br>"}], "value": "A flaw exists in FlashBlade whereby a local account is permitted to authenticate to the management interface using an unintended method that allows an attacker to gain privileged access to the array."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "3895c224-4e1d-482a-adb3-fa64795683ac", "shortName": "PureStorage", "dateUpdated": "2025-04-10T14:18:03.534Z"}, "references": [{"url": "https://www.purestorage.com/security"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p><span style=\"background-color: rgb(255, 255, 255);\">This vulnerability can be fixed either by applying a patch or upgrading to an unaffected Purity version. </span></p><p><span style=\"background-color: rgb(255, 255, 255);\">This issue is resolved in the following FlashBlade Purity versions:</span><br></p><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 3.3.11 or later </span></p></li></ul><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 4.1.9 or later </span></p></li></ul><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 4.2.3 or later </span></p></li></ul><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 4.3.0 or later </span></p></li></ul><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 4.4.0 or later </span></p><p></p></li></ul>"}], "value": "This vulnerability can be fixed either by applying a patch or upgrading to an unaffected Purity version. \n\nThis issue is resolved in the following FlashBlade Purity versions:\n\n\n * Purity//FB 3.3.11 or later \n\n\n\n\n * Purity//FB 4.1.9 or later \n\n\n\n\n * Purity//FB 4.2.3 or later \n\n\n\n\n * Purity//FB 4.3.0 or later \n\n\n\n\n * Purity//FB 4.4.0 or later"}], "source": {"discovery": "INTERNAL"}, "title": "FlashBlade Authentication Mechanism Vulnerability", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "purestorage", "product": "flashblade", "cpes": ["cpe:2.3:a:purestorage:flashblade:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "3.3.5", "status": "affected", "lessThanOrEqual": "3.3.10", "versionType": "custom"}, {"version": "4.0.4", "status": "affected", "lessThanOrEqual": "4.0.6", "versionType": "custom"}, {"version": "4.1.0", "status": "affected", "lessThanOrEqual": "4.1.8", "versionType": "custom"}, {"version": "4.2.0", "status": "affected", "lessThanOrEqual": "4.2.2", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-17T17:54:56.371990Z", "id": "CVE-2023-4976", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-17T18:03:09.461Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:44:53.148Z"}, "title": "CVE Program Container", "references": [{"url": "https://purestorage.com/security", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://purestorage.com/security", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:44:53.148Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-4976", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-17T17:54:56.371990Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:purestorage:flashblade:*:*:*:*:*:*:*:*"], "vendor": "purestorage", "product": "flashblade", "versions": [{"status": "affected", "version": "3.3.5", "versionType": "custom", "lessThanOrEqual": "3.3.10"}, {"status": "affected", "version": "4.0.4", "versionType": "custom", "lessThanOrEqual": "4.0.6"}, {"status": "affected", "version": "4.1.0", "versionType": "custom", "lessThanOrEqual": "4.1.8"}, {"status": "affected", "version": "4.2.0", "versionType": "custom", "lessThanOrEqual": "4.2.2"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-17T18:03:02.579Z"}}], "cna": {"title": "FlashBlade Authentication Mechanism Vulnerability", "source": {"discovery": "INTERNAL"}, "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "PureStorage", "product": "FlashBlade", "versions": [{"status": "affected", "version": "3.3.5", "versionType": "custom", "lessThanOrEqual": "3.3.10"}, {"status": "affected", "version": "4.0.4", "versionType": "custom", "lessThanOrEqual": "4.0.6"}, {"status": "affected", "version": "4.1.0", "versionType": "custom", "lessThanOrEqual": "4.1.8"}, {"status": "affected", "version": "4.2.0", "versionType": "custom", "lessThanOrEqual": "4.2.2"}], "platforms": ["Purity//FB"], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "This vulnerability can be fixed either by applying a patch or upgrading to an unaffected Purity version. \n\nThis issue is resolved in the following FlashBlade Purity versions:\n\n\n * Purity//FB 3.3.11 or later \n\n\n\n\n * Purity//FB 4.1.9 or later \n\n\n\n\n * Purity//FB 4.2.3 or later \n\n\n\n\n * Purity//FB 4.3.0 or later \n\n\n\n\n * Purity//FB 4.4.0 or later", "supportingMedia": [{"type": "text/html", "value": "<p><span style=\"background-color: rgb(255, 255, 255);\">This vulnerability can be fixed either by applying a patch or upgrading to an unaffected Purity version. </span></p><p><span style=\"background-color: rgb(255, 255, 255);\">This issue is resolved in the following FlashBlade Purity versions:</span><br></p><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 3.3.11 or later </span></p></li></ul><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 4.1.9 or later </span></p></li></ul><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 4.2.3 or later </span></p></li></ul><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 4.3.0 or later </span></p></li></ul><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 4.4.0 or later </span></p><p></p></li></ul>", "base64": false}]}], "references": [{"url": "https://www.purestorage.com/security"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A flaw exists in FlashBlade whereby a local account is permitted to authenticate to the management interface using an unintended method that allows an attacker to gain privileged access to the array.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: transparent;\">A flaw exists in FlashBlade whereby a local account is permitted to authenticate to the management interface using an unintended method that allows an attacker to gain privileged access to the array.</span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "3895c224-4e1d-482a-adb3-fa64795683ac", "shortName": "PureStorage", "dateUpdated": "2025-04-10T14:18:03.534Z"}}}, "cveMetadata": {"cveId": "CVE-2023-4976", "state": "PUBLISHED", "dateUpdated": "2025-04-10T14:18:03.534Z", "dateReserved": "2023-09-14T20:57:21.683Z", "assignerOrgId": "3895c224-4e1d-482a-adb3-fa64795683ac", "datePublished": "2024-07-17T15:25:58.472Z", "assignerShortName": "PureStorage"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw exists in FlashBlade whereby a local account is permitted to authenticate to the management interface using an unintended method that allows an attacker to gain privileged access to the array."}, {"lang": "es", "value": "Existe una falla en Purity//FB por la cual se permite que una cuenta local se autentique en la interfaz de administraci\u00f3n utilizando un m\u00e9todo no deseado que permite a un atacante obtener acceso privilegiado a la matriz."}], "id": "CVE-2023-4976", "lastModified": "2025-04-10T15:16:01.880", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "psirt@purestorage.com", "type": "Secondary"}]}, "published": "2024-07-17T16:15:03.233", "references": [{"source": "psirt@purestorage.com", "url": "https://www.purestorage.com/security"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://purestorage.com/security"}], "sourceIdentifier": "psirt@purestorage.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "psirt@purestorage.com", "type": "Secondary"}]}