← Back

CVE-2025-53765

nvd nist
Published: Aug 12, 2025Modified: Aug 18, 2025

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

Exposure of private personal information to an unauthorized actor in Azure Stack allows an authorized attacker to disclose information locally.

Affected (1)

Microsoft
1 product
Azure App Service On Azure Stack
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Azure App Service On Azure Stack
Before 102.10.2.11
Running on/withPlatform Versions
Microsoft
Azure Stack Hub
Before 1.2311.1.22

Related CWEs

CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected.

References (1)

Source: secure@microsoft.com
Vendor Advisory

Timeline

No history available yet.