| Vulnerability Status: Final | Source: Pure Storage | Initial Publication Date: 2025-06-16 | Last Updated: 2025-08-12 11:06:31 |
Summary:
A flaw exists in FlashArray whereby the Key Encryption Key (KEK) is logged during key rotation when RDL is configured.
CVE#: CVE-2025-2327
Severity (v3): 3 - Medium
Product(s): FlashArray
Version First Fixed: Purity//FA 6.5.11, Purity//FA 6.7.4, Purity//FA 6.8.6
References:
https://nvd.nist.gov/vuln/detail/CVE-2025-2327