4 matches found
CVE-2019-1372
Azure Stack/Azure App Service on Azure Stack is affected by CVE-2019-1372 due to failing to check the length of a buffer before copying memory, enabling a remote code execution that could run code as NT AUTHORITY\SYSTEM inside the sandbox. Public documents consistently describe an RCE by sanitizi...
CVE-2023-21777
Technical details about CVE-2023-21777 are not provided in the supplied connected documents. The CVE is described as an elevation of privilege issue in Azure App Service on Azure Stack Hub; no patch/version specifics are included here. Monitor vendor advisories for fixes.
CVE-2018-8600
CVE-2018-8600 is an XSS vulnerability in Microsoft Azure App Services on Azure Stack caused by improper sanitization of user input. Exploitation could allow a remote attacker to execute scripts in the context of the current user when visiting the affected App Service page. Public details in Micro...
CVE-2025-53765
CVE-2025-53765 (Azure Stack Hub Information Disclosure Vulnerability) affects Azure Stack Hub deployments, enabling a local attacker to disclose private personal information due to improper access control. The issue concerns local access to data on Azure Stack Hub and is characterized by informat...