Microsoft Azure Stack Hub vulnerabilities

12 known vulnerabilities affecting microsoft/azure_stack_hub.

Total CVEs
12
CISA KEV
4
actively exploited
Public exploits
1
Exploited in wild
4
Severity breakdown
CRITICAL4HIGH6MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2025-53793HIGHCVSS 7.5≥ 1.2406.0.8, < 1.2406.1.23≥ 1.2408.0.19, < 1.2408.1.50+1 more2025-08-12
CVE-2025-53793 [HIGH] CWE-22 CVE-2025-53793: Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over a network.
nvd
CVE-2025-53765MEDIUMCVSS 5.5≥ 1.0.0, < 102.10.2.112025-08-12
CVE-2025-53765 [MEDIUM] CWE-359 CVE-2025-53765: Exposure of private personal information to an unauthorized actor in Azure Stack allows an authorize Exposure of private personal information to an unauthorized actor in Azure Stack allows an authorized attacker to disclose information locally.
cvelistv5nvd
CVE-2024-38216CRITICALCVSS 9.0fixed in 1.2311.1.22≥ 1.0.0, < 1.2406.1.152024-09-10
CVE-2024-38216 [HIGH] CWE-20 CVE-2024-38216: Azure Stack Hub Elevation of Privilege Vulnerability Azure Stack Hub Elevation of Privilege Vulnerability
cvelistv5nvd
CVE-2024-38220CRITICALCVSS 9.0fixed in 1.2311.1.22≥ 1.0.0, < 1.2406.1.152024-09-10
CVE-2024-38220 [CRITICAL] CWE-284 CVE-2024-38220: Azure Stack Hub Elevation of Privilege Vulnerability Azure Stack Hub Elevation of Privilege Vulnerability
cvelistv5nvd
CVE-2024-38108CRITICALCVSS 9.3≥ 1.0.0, < 1.2311.1.222024-08-13
CVE-2024-38108 [CRITICAL] CWE-79 Azure Stack Hub Spoofing Vulnerability Azure Stack Hub Spoofing Vulnerability Azure Stack Hub Spoofing Vulnerability
cvelistv5
CVE-2024-38201HIGHCVSS 7.0fixed in 1.2311.1.22≥ 1.0.0, < 1.2311.1.222024-08-13
CVE-2024-38201 [HIGH] CWE-20 CVE-2024-38201: Azure Stack Hub Elevation of Privilege Vulnerability Azure Stack Hub Elevation of Privilege Vulnerability
cvelistv5nvd
CVE-2024-20679MEDIUMCVSS 6.5≥ 1.0.0, < 1.2311.1.222024-02-13
CVE-2024-20679 [MEDIUM] CWE-79 Azure Stack Hub Spoofing Vulnerability Azure Stack Hub Spoofing Vulnerability Azure Stack Hub Spoofing Vulnerability
cvelistv5
CVE-2022-29149HIGHCVSS 7.8fixed in 1.14.13≥ 1.0.0, < OMS Agent for Linux GA v1.14.132022-06-15
CVE-2022-29149 [HIGH] CVE-2022-29149: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
cvelistv5nvd
CVE-2021-38647CRITICALCVSS 9.8KEVPoC≥ 1.0.0, < Monitor, Update and Config Mgmnt 1.14.01≥ 1.0.0, < 3.1.1352021-09-15
CVE-2021-38647 [CRITICAL] CVE-2021-38647: Open Management Infrastructure Remote Code Execution Vulnerability Open Management Infrastructure Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2021-38645HIGHCVSS 7.8KEV≥ 1.0.0, < Monitor, Update and Config Mgmnt 1.14.01≥ 1.0.0, < 3.1.1352021-09-15
CVE-2021-38645 [HIGH] CVE-2021-38645: Open Management Infrastructure Elevation of Privilege Vulnerability Open Management Infrastructure Elevation of Privilege Vulnerability
cvelistv5nvd
CVE-2021-38649HIGHCVSS 7.8KEV≥ 1.0.0, < Monitor, Update and Config Mgmnt 1.14.01≥ 1.0.0, < 3.1.1352021-09-15
CVE-2021-38649 [HIGH] CVE-2021-38649: Open Management Infrastructure Elevation of Privilege Vulnerability Open Management Infrastructure Elevation of Privilege Vulnerability
cvelistv5nvd
CVE-2021-38648HIGHCVSS 7.8KEV≥ 1.0.0, < Monitor, Update and Config Mgmnt 1.14.01≥ 1.0.0, < 3.1.1352021-09-15
CVE-2021-38648 [HIGH] CVE-2021-38648: Open Management Infrastructure Elevation of Privilege Vulnerability Open Management Infrastructure Elevation of Privilege Vulnerability
cvelistv5nvd