Skip to main content

Azure App Service On Azure Stack

4 CVEs product

Monthly

CVE-2025-53765 MEDIUM Monitor

Exposure of private personal information to an unauthorized actor in Azure Stack allows an authorized attacker to disclose information locally. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure App Service On Azure Stack
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-21777 HIGH PATCH This Week

Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.7), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Azure App Service On Azure Stack
NVD
CVSS 3.1
8.7
EPSS
0.3%
CVE-2019-1372 CRITICAL PATCH Act Now

An remote code execution vulnerability exists when Azure App Service/ Antares on Azure Stack fails to check the length of a buffer prior to copying memory to it.An attacker who successfully exploited. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Azure App Service On Azure Stack
NVD
CVSS 3.1
10.0
EPSS
17.8%
CVE-2018-8600 MEDIUM PATCH This Month

A Cross-site Scripting (XSS) vulnerability exists when Azure App Services on Azure Stack does not properly sanitize user provided input, aka "Azure App Service Cross-site Scripting Vulnerability.". Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft XSS Azure App Service On Azure Stack
NVD
CVSS 3.0
6.1
EPSS
2.0%
EPSS 0% CVSS 4.4
MEDIUM Monitor

Exposure of private personal information to an unauthorized actor in Azure Stack allows an authorized attacker to disclose information locally. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Azure App Service On Azure Stack
NVD
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.7), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Azure App Service On Azure Stack
NVD
EPSS 18% CVSS 10.0
CRITICAL PATCH Act Now

An remote code execution vulnerability exists when Azure App Service/ Antares on Azure Stack fails to check the length of a buffer prior to copying memory to it.An attacker who successfully exploited. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft RCE Azure App Service On Azure Stack
NVD
EPSS 2% CVSS 6.1
MEDIUM PATCH This Month

A Cross-site Scripting (XSS) vulnerability exists when Azure App Services on Azure Stack does not properly sanitize user provided input, aka "Azure App Service Cross-site Scripting Vulnerability.". Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft XSS Azure App Service On Azure Stack
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy