Skip to main content

Azure Stack Hub

11 CVEs product

Monthly

CVE-2025-53793 HIGH This Month

Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over a network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Path Traversal Azure Stack Hub
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2024-38220 CRITICAL PATCH Act Now

Azure Stack Hub Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Microsoft Azure Stack Hub
NVD
CVSS 3.1
9.0
EPSS
1.0%
CVE-2024-38216 CRITICAL PATCH Act Now

Azure Stack Hub Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Azure Stack Hub
NVD
CVSS 3.1
9.0
EPSS
0.9%
CVE-2024-38201 HIGH PATCH This Week

Azure Stack Hub Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Microsoft Azure Stack Hub
NVD
CVSS 3.1
7.0
EPSS
0.6%
CVE-2024-38108 CRITICAL PATCH Act Now

Azure Stack Hub Spoofing Vulnerability. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Azure Stack Hub
NVD
CVSS 3.1
9.3
EPSS
1.1%
CVE-2024-20679 MEDIUM PATCH This Month

Azure Stack Hub Spoofing Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Azure Stack Hub
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2022-29149 HIGH PATCH This Week

Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Azure Automation State Configuration Azure Automation Update Management Azure Diagnostics Azure Security Center +6
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-38649 HIGH KEV PATCH THREAT This Week

Open Management Infrastructure Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Azure Automation State Configuration Azure Automation Update Management Azure Diagnostics Lad Azure Open Management Infrastructure +6
NVD
CVSS 3.1
7.0
EPSS
2.0%
CVE-2021-38648 HIGH POC KEV PATCH THREAT Act Now

Open Management Infrastructure Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Azure Automation State Configuration Azure Automation Update Management Azure Diagnostics Lad Azure Open Management Infrastructure +6
NVD
CVSS 3.1
7.8
EPSS
11.4%
CVE-2021-38647 CRITICAL POC KEV PATCH THREAT Act Now

Open Management Infrastructure Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Azure Automation State Configuration Azure Automation Update Management Azure Diagnostics Lad Azure Open Management Infrastructure +6
NVD
CVSS 3.1
9.8
EPSS
99.7%
CVE-2021-38645 HIGH KEV PATCH THREAT This Week

Open Management Infrastructure Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Azure Automation State Configuration Azure Automation Update Management Azure Diagnostics Lad Azure Open Management Infrastructure +6
NVD
CVSS 3.1
7.8
EPSS
1.9%
EPSS 0% CVSS 7.5
HIGH This Month

Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over a network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Path Traversal +1
NVD
EPSS 1% CVSS 9.0
CRITICAL PATCH Act Now

Azure Stack Hub Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Microsoft Azure Stack Hub
NVD
EPSS 1% CVSS 9.0
CRITICAL PATCH Act Now

Azure Stack Hub Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Azure Stack Hub
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Azure Stack Hub Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Microsoft Azure Stack Hub
NVD
EPSS 1% CVSS 9.3
CRITICAL PATCH Act Now

Azure Stack Hub Spoofing Vulnerability. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Azure Stack Hub
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Azure Stack Hub Spoofing Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Azure Stack Hub
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Azure Automation State Configuration Azure Automation Update Management +8
NVD
EPSS 2% CVSS 7.0
HIGH KEV PATCH THREAT This Week

Open Management Infrastructure Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Azure Automation State Configuration Azure Automation Update Management +8
NVD
EPSS 11% CVSS 7.8
HIGH POC KEV PATCH THREAT Act Now

Open Management Infrastructure Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Azure Automation State Configuration Azure Automation Update Management +8
NVD
EPSS 100% CVSS 9.8
CRITICAL POC KEV PATCH THREAT Act Now

Open Management Infrastructure Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Azure Automation State Configuration Azure Automation Update Management +8
NVD
EPSS 2% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Open Management Infrastructure Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Azure Automation State Configuration Azure Automation Update Management +8
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy