CVE-2025-53793

Summary

Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over a network.

Affected Software

VendorProductVersion RangeStatus
MicrosoftAzure Stack Hub 24061.0.0 < 1.2406.1.23affected
MicrosoftAzure Stack Hub 24081.0.0 < 1.2408.1.50affected
MicrosoftAzure Stack Hub 25011.0.0 < 1.2501.1.47affected

Weaknesses

  • CWE-287: CWE-287: Improper Authentication
  • CWE-22: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References