CVE-2026-0207
Information Disclosure in FlashBlade Due to Sensitive Data Logging
Publication date: 2026-04-14
Last updated on: 2026-04-14
Assigner: Pure Storage, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| pure_storage | flashblade | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-532 | The product writes sensitive information to a log file. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in FlashBlade and involves the potential logging of sensitive information under specific conditions.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability in FlashBlade involves sensitive information potentially being logged under specific conditions. This could pose risks related to the confidentiality and protection of sensitive data, which are critical aspects of compliance with standards such as GDPR and HIPAA.
However, there is no explicit information provided about the direct impact of this vulnerability on compliance with these regulations or any mitigation steps related to compliance.
How can this vulnerability impact me? :
The impact of this vulnerability is that sensitive information may be exposed through logs, which could lead to unauthorized access or disclosure of confidential data.