Azure Stack Hub Security Vulnerabilities

CVE-2024-20679

Azure Stack Hub Spoofing...

CVE-2023-48697

Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to memory buffer and pointer vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in...

CVE-2023-21777

Azure App Service on Azure Stack Hub Elevation of Privilege...

CVE-2022-29149

Azure Open Management Infrastructure (OMI) Elevation of Privilege...

CVE-2022-29223

Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack. In versions prior to 6.1.10, an attacker can cause a buffer overflow by providing the Azure RTOS USBX host stack a HUB descriptor with bNbPorts set to a value greater than UX_MAX_TT which defaults to 8. For a bNbPorts value....

CVE-2021-36302

All Dell EMC Integrated System for Microsoft Azure Stack Hub versions contain a privilege escalation vulnerability. A remote malicious user with standard level JEA credentials may potentially exploit this vulnerability to elevate privileges and take over the...

CVE-2021-38647

Open Management Infrastructure Remote Code Execution...

CVE-2021-38648

Open Management Infrastructure Elevation of Privilege...

CVE-2021-38649

Open Management Infrastructure Elevation of Privilege...

CVE-2021-38645

Open Management Infrastructure Elevation of Privilege...

CVE-2021-21505

Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an undocumented default iDRAC account. A remote unauthenticated attacker, with the knowledge of the default credentials, could potentially exploit this to log in to the system to gain root...