CVE-2023-4976 - OpenCVE

A flaw exists in Purity//FB whereby a local account is permitted to authenticate to the management interface using an unintended method that allows an attacker to gain privileged access to the array.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://purestorage.com/security

History

No history.

MITRE

Status: PUBLISHED

Assigner: PureStorage

Published: 2024-07-17T15:25:58.472Z

Updated: 2024-08-02T07:44:53.148Z

Reserved: 2023-09-14T20:57:21.683Z

Link: CVE-2023-4976

Vulnrichment

Updated: 2024-08-02T07:44:53.148Z

NVD

Status : Awaiting Analysis

Published: 2024-07-17T16:15:03.233

Modified: 2024-07-18T12:28:43.707

Link: CVE-2023-4976

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-4976", "assignerOrgId": "3895c224-4e1d-482a-adb3-fa64795683ac", "state": "PUBLISHED", "assignerShortName": "PureStorage", "dateReserved": "2023-09-14T20:57:21.683Z", "datePublished": "2024-07-17T15:25:58.472Z", "dateUpdated": "2024-08-02T07:44:53.148Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "FlashBlade", "vendor": "PureStorage", "versions": [{"lessThanOrEqual": "3.3.10", "status": "affected", "version": "3.3.5", "versionType": "custom"}, {"lessThanOrEqual": "4.0.6", "status": "affected", "version": "4.0.4", "versionType": "custom"}, {"lessThanOrEqual": "4.1.8", "status": "affected", "version": "4.1.0", "versionType": "custom"}, {"lessThanOrEqual": "4.2.2", "status": "affected", "version": "4.2.0", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: transparent;\">A flaw exists in Purity//FB whereby a local account is permitted to authenticate to the management interface using an unintended method that allows an attacker to gain privileged access to the array.</span><br>"}], "value": "A flaw exists in Purity//FB whereby a local account is permitted to authenticate to the management interface using an unintended method that allows an attacker to gain privileged access to the array."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "3895c224-4e1d-482a-adb3-fa64795683ac", "shortName": "PureStorage", "dateUpdated": "2024-07-17T15:25:58.472Z"}, "references": [{"url": "https://purestorage.com/security"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p><span style=\"background-color: rgb(255, 255, 255);\">This vulnerability can be fixed either by applying a patch or upgrading to an unaffected Purity version. </span></p><p><span style=\"background-color: rgb(255, 255, 255);\">This issue is resolved in the following FlashBlade Purity versions:</span><br></p><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 3.3.11 or later </span></p></li></ul><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 4.1.9 or later </span></p></li></ul><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 4.2.3 or later </span></p></li></ul><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 4.3.0 or later </span></p></li></ul><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 4.4.0 or later </span></p><p></p></li></ul>"}], "value": "This vulnerability can be fixed either by applying a patch or upgrading to an unaffected Purity version. \n\nThis issue is resolved in the following FlashBlade Purity versions:\n\n\n * Purity//FB 3.3.11 or later \n\n\n\n\n * Purity//FB 4.1.9 or later \n\n\n\n\n * Purity//FB 4.2.3 or later \n\n\n\n\n * Purity//FB 4.3.0 or later \n\n\n\n\n * Purity//FB 4.4.0 or later"}], "source": {"discovery": "INTERNAL"}, "title": "FlashBlade Authentication Mechanism Vulnerability", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "purestorage", "product": "flashblade", "cpes": ["cpe:2.3:a:purestorage:flashblade:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "3.3.5", "status": "affected", "lessThanOrEqual": "3.3.10", "versionType": "custom"}, {"version": "4.0.4", "status": "affected", "lessThanOrEqual": "4.0.6", "versionType": "custom"}, {"version": "4.1.0", "status": "affected", "lessThanOrEqual": "4.1.8", "versionType": "custom"}, {"version": "4.2.0", "status": "affected", "lessThanOrEqual": "4.2.2", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-17T17:54:56.371990Z", "id": "CVE-2023-4976", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-17T18:03:09.461Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:44:53.148Z"}, "title": "CVE Program Container", "references": [{"url": "https://purestorage.com/security", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://purestorage.com/security", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:44:53.148Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-4976", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-17T17:54:56.371990Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:purestorage:flashblade:*:*:*:*:*:*:*:*"], "vendor": "purestorage", "product": "flashblade", "versions": [{"status": "affected", "version": "3.3.5", "versionType": "custom", "lessThanOrEqual": "3.3.10"}, {"status": "affected", "version": "4.0.4", "versionType": "custom", "lessThanOrEqual": "4.0.6"}, {"status": "affected", "version": "4.1.0", "versionType": "custom", "lessThanOrEqual": "4.1.8"}, {"status": "affected", "version": "4.2.0", "versionType": "custom", "lessThanOrEqual": "4.2.2"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-17T18:03:02.579Z"}}], "cna": {"title": "FlashBlade Authentication Mechanism Vulnerability", "source": {"discovery": "INTERNAL"}, "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "PureStorage", "product": "FlashBlade", "versions": [{"status": "affected", "version": "3.3.5", "versionType": "custom", "lessThanOrEqual": "3.3.10"}, {"status": "affected", "version": "4.0.4", "versionType": "custom", "lessThanOrEqual": "4.0.6"}, {"status": "affected", "version": "4.1.0", "versionType": "custom", "lessThanOrEqual": "4.1.8"}, {"status": "affected", "version": "4.2.0", "versionType": "custom", "lessThanOrEqual": "4.2.2"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "This vulnerability can be fixed either by applying a patch or upgrading to an unaffected Purity version. \n\nThis issue is resolved in the following FlashBlade Purity versions:\n\n\n * Purity//FB 3.3.11 or later \n\n\n\n\n * Purity//FB 4.1.9 or later \n\n\n\n\n * Purity//FB 4.2.3 or later \n\n\n\n\n * Purity//FB 4.3.0 or later \n\n\n\n\n * Purity//FB 4.4.0 or later", "supportingMedia": [{"type": "text/html", "value": "<p><span style=\"background-color: rgb(255, 255, 255);\">This vulnerability can be fixed either by applying a patch or upgrading to an unaffected Purity version. </span></p><p><span style=\"background-color: rgb(255, 255, 255);\">This issue is resolved in the following FlashBlade Purity versions:</span><br></p><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 3.3.11 or later </span></p></li></ul><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 4.1.9 or later </span></p></li></ul><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 4.2.3 or later </span></p></li></ul><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 4.3.0 or later </span></p></li></ul><ul><li><p><span style=\"background-color: rgb(255, 255, 255);\">Purity//FB 4.4.0 or later </span></p><p></p></li></ul>", "base64": false}]}], "references": [{"url": "https://purestorage.com/security"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A flaw exists in Purity//FB whereby a local account is permitted to authenticate to the management interface using an unintended method that allows an attacker to gain privileged access to the array.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: transparent;\">A flaw exists in Purity//FB whereby a local account is permitted to authenticate to the management interface using an unintended method that allows an attacker to gain privileged access to the array.</span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "3895c224-4e1d-482a-adb3-fa64795683ac", "shortName": "PureStorage", "dateUpdated": "2024-07-17T15:25:58.472Z"}}}, "cveMetadata": {"cveId": "CVE-2023-4976", "state": "PUBLISHED", "dateUpdated": "2024-08-02T07:44:53.148Z", "dateReserved": "2023-09-14T20:57:21.683Z", "assignerOrgId": "3895c224-4e1d-482a-adb3-fa64795683ac", "datePublished": "2024-07-17T15:25:58.472Z", "assignerShortName": "PureStorage"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw exists in Purity//FB whereby a local account is permitted to authenticate to the management interface using an unintended method that allows an attacker to gain privileged access to the array."}, {"lang": "es", "value": "Existe una falla en Purity//FB por la cual se permite que una cuenta local se autentique en la interfaz de administraci\u00f3n utilizando un m\u00e9todo no deseado que permite a un atacante obtener acceso privilegiado a la matriz."}], "id": "CVE-2023-4976", "lastModified": "2024-07-18T12:28:43.707", "metrics": {"cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "HIGH", "vulnerableSystemIntegrity": "HIGH"}, "source": "psirt@purestorage.com", "type": "Secondary"}]}, "published": "2024-07-17T16:15:03.233", "references": [{"source": "psirt@purestorage.com", "url": "https://purestorage.com/security"}], "sourceIdentifier": "psirt@purestorage.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "psirt@purestorage.com", "type": "Secondary"}]}