PX Enterprise Improper Sanitization Vulnerability_CVE-2025-9127

8.4 / 10

HIGH

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H

Description

A vulnerability exists in PX Enterprise whereby sensitive information may be logged under specific conditions.

Basic Information

ID CVE-2025-9127

Source PureStorage

Published Dec 4, 2025 at 17:59

Modified Dec 4, 2025 at 20:00

Affected Product

Vendor Pure Storage

Product PX Enterprise

Version 3.3.0, 3.3.1, 3.3.1.1, 3.3.1.2

Affected Versions Pure Storage PX Enterprise 3.3.0, 3.3.1, 3.3.1.1, 3.3.1.2
Pure Storage PX Enterprise 3.2.0, 3.2.1, 3.2.2, 3.2.3
Pure Storage PX Enterprise 3.1.1
Pure Storage PX Enterprise 2.13.12

CWE Classification

CWE-116

References

support.purestorage.com /category/m_pure_storage_product_security

{
    "lastseen": "",
    "description": "A vulnerability exists in PX Enterprise whereby sensitive information may be logged under specific conditions.",
    "published": "2025-12-04T17:59:39.985Z",
    "modified": "2025-12-04T20:00:49.889Z",
    "type": "cve",
    "title": "PX Enterprise Improper Sanitization Vulnerability",
    "source": "PureStorage",
    "references": "https://support.purestorage.com/category/m_pure_storage_product_security",
    "id": "CVE-2025-9127",
    "bulletinFamily": "",
    "cwe": [
        "CWE-116"
    ],
    "cvelist": null,
    "sourceData": "Pure Storage PX Enterprise 3.3.0, 3.3.1, 3.3.1.1, 3.3.1.2\nPure Storage PX Enterprise 3.2.0, 3.2.1, 3.2.2, 3.2.3\nPure Storage PX Enterprise 3.1.1\nPure Storage PX Enterprise 2.13.12",
    "sourceHref": "",
    "cvss": {
        "score": 8.4,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "PX Enterprise",
    "version": "3.3.0, 3.3.1, 3.3.1.1, 3.3.1.2",
    "vendor": "Pure Storage",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}