CVE-2025-53765: Azure Stack Hub Information Disclosure Vulnerability

Overview

Severity

Medium (CVSS 4.4)

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

Category

Information Disclosure

Exploit Status

Not Exploited

Exploitation Likelihood

Unlikely

Patch Tuesday

2025-Aug

Released

2025-08-12

EPSS Score

0.10% (percentile: 26.4%)

Description

Exposure of private personal information to an unauthorized actor in Azure Stack allows an authorized attacker to disclose information locally.

FAQ

What type of information could be disclosed by this vulnerability? This vulnerability could disclose administrator account passwords in the logs.

Affected Products (1)

Azure

• Azure Stack Hub

Security Updates (1)

• Release Notes

Acknowledgments

Anonymous

Revision History

• 2025-08-12: Information published.