Описание
Azure Stack Hub Information Disclosure Vulnerability
Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over a network.
FAQ
What type of information could be disclosed by this vulnerability?
System internal configuration could be disclosed by this vulnerability.
What should users do to protect themselves?
Users can follow the instructions in the release notes to update the Azure Stack Hub environment to latest version 1.2501.1.47.
There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?
Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Azure Stack Hub 2501 | ||
| Azure Stack Hub 2408 | ||
| Azure Stack Hub 2406 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
EPSS
7.5 High
CVSS3
Связанные уязвимости
Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over a network.
Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over a network.
Уязвимость интегрированной системы гибридных облачных вычислений Azure Stack Hub, связанная с недостатками процедуры аутентификации, позволяющая нарушителю обойти существующие ограничения безопасности и раскрыть защищаемую информацию
EPSS
7.5 High
CVSS3