Lucene search
MSRC TeamMSRC:69CC27233CB7711437A7019644E4AE73HistorySep 17, 2021 - 1:28 a.m.
Additional Guidance Regarding OMI Vulnerabilities within Azure VM Management Extensions
2021-09-1701:28:04
MSRC Team
msrc-blog.microsoft.com
92
0.975 High
EPSS
Percentile
100.0%
Last updated on October 5, 2021: See revision history located at the end of the post for changes. On September 14, 2021, Microsoft released fixes for three Elevation of Privilege (EoP) vulnerabilities and one unauthenticated Remote Code Execution (RCE) vulnerability in the Open Management Infrastructure (OMI) framework: CVE-2021-38645, CVE-2021-38649, CVE-2021-38648, and CVE-2021-38647, respectively. Open Management Infrastructure (OMI) is an open-source Web-Based Enterprise Management (WBEM) โฆ
Additional Guidance Regarding OMI Vulnerabilities within Azure VM Management Extensions Read More ยป
Related
thn
thn
msrc
msrc
threatpost
threatpost
Azure Zero-Day Bugs Show Lurking Supply-Chain Risk
2021-09-16 11:37:48
Microsoft Patches Actively Exploited Windows Zero-Day
2021-09-14 20:29:14
nessus
nessus
Microsoft Open Management Infrastructure (OMI) package < 1.6.8-1 Multiple Vulnerabilities
2021-09-17 00:00:00
Microsoft Open Management Infrastructure < 1.6.8.1 Multiple Vulnerabilities
2021-09-17 00:00:00
Microsoft Open Management Infrastructure RCE (CVE-2021-38647)
2021-09-20 00:00:00
rapid7blog
rapid7blog
OMIGOD: How to Automatically Detect and Fix Microsoft Azureโs New OMI Vulnerability
2021-09-15 14:30:57
Metasploit Wrap-Up
2021-11-12 15:36:09
Metasploit Wrap-Up
2021-10-29 17:59:46
cisa
cisa
kaspersky
kaspersky
KLA12297 Multiple vulnerabilities in Microsoft System Center
2021-09-14 00:00:00
KLA12286 Mutliple vulnerabilities in Microsoft Azure
2021-09-14 00:00:00
malwarebytes
malwarebytes
packetstorm
packetstorm
Microsoft OMI Management Interface Authentication Bypass
2021-11-10 00:00:00
Microsoft OMI Management Interface Authentication Bypass
2021-10-28 00:00:00
zdt
zdt
Microsoft OMI Management Interface Authentication Bypass Exploit
2021-11-10 00:00:00
Microsoft OMI Management Interface Authentication Bypass Exploit
2021-10-31 00:00:00
metasploit
metasploit
Microsoft OMI Management Interface Authentication Bypass
2021-10-27 16:05:56
Microsoft OMI Management Interface Authentication Bypass
2021-10-25 21:36:55
cve
cve
cvelist
cvelist
attackerkb
attackerkb
nvd
nvd
saint
saint
Microsoft Azure Open Management Infrastructure remote command execution
2021-09-28 00:00:00
Microsoft Azure Open Management Infrastructure remote command execution
2021-09-28 00:00:00
Microsoft Azure Open Management Infrastructure remote command execution
2021-09-28 00:00:00
githubexploit
githubexploit
Exploit for Improper Initialization in Microsoft
2021-09-26 18:06:00
Exploit for Improper Initialization in Microsoft
2021-09-22 01:05:22
Exploit for Improper Initialization in Microsoft
2021-09-20 16:29:48
prion
prion
Privilege escalation
2021-09-15 12:15:00
Privilege escalation
2021-09-15 12:15:00
Remote code execution
2021-09-15 12:15:00
mscve
mscve
Open Management Infrastructure Remote Code Execution Vulnerability
2021-09-14 07:00:00
Open Management Infrastructure Elevation of Privilege Vulnerability
2021-09-14 07:00:00
Open Management Infrastructure Elevation of Privilege Vulnerability
2021-09-14 07:00:00
nuclei
nuclei
Microsoft Open Management Infrastructure - Remote Code Execution
2021-09-15 16:10:58
cisa_kev
cisa_kev
ibm
ibm
checkpoint_advisories
checkpoint_advisories
krebs
krebs
Microsoft Patch Tuesday, September 2021 Edition
2021-09-14 21:00:42
avleonov
avleonov
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday (September 2021) โ Microsoft 60 Vulnerabilities with 3 Critical, Adobe 61 Vulnerabilities
2021-09-14 18:56:17
Qualys Response to CISA Alert: Binding Operational Directive 22-01
2021-11-09 06:15:01
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00