Lucene search
Microsoft Security Response CenterMSRC:898825BF130FA4417637FC463F734C20HistorySep 16, 2021 - 7:00 a.m.
Additional Guidance Regarding OMI Vulnerabilities within Azure VM Management Extensions
2021-09-1607:00:00
Microsoft Security Response Center
link
10
0.975 High
EPSS
Percentile
100.0%
Last updated on October 5, 2021: See revision history located at the end of the post for changes. On September 14, 2021, Microsoft released fixes for three Elevation of Privilege (EoP) vulnerabilities and one unauthenticated Remote Code Execution (RCE) vulnerability in the Open Management Infrastructure (OMI) framework: CVE-2021-38645, CVE-2021-38649, CVE-2021-38648, and CVE-2021-38647, respectively.
Related
rapid7blog
rapid7blog
OMIGOD: How to Automatically Detect and Fix Microsoft Azureโs New OMI Vulnerability
2021-09-15 14:30:57
Metasploit Wrap-Up
2021-11-12 15:36:09
Metasploit Wrap-Up
2021-10-29 17:59:46
msrc
msrc
nessus
nessus
Microsoft Open Management Infrastructure < 1.6.8.1 Multiple Vulnerabilities
2021-09-17 00:00:00
Microsoft Open Management Infrastructure (OMI) package < 1.6.8-1 Multiple Vulnerabilities
2021-09-17 00:00:00
Microsoft Open Management Infrastructure RCE (CVE-2021-38647)
2021-09-20 00:00:00
thn
thn
threatpost
threatpost
Azure Zero-Day Bugs Show Lurking Supply-Chain Risk
2021-09-16 11:37:48
Microsoft Patches Actively Exploited Windows Zero-Day
2021-09-14 20:29:14
cisa
cisa
kaspersky
kaspersky
KLA12297 Multiple vulnerabilities in Microsoft System Center
2021-09-14 00:00:00
KLA12286 Mutliple vulnerabilities in Microsoft Azure
2021-09-14 00:00:00
malwarebytes
malwarebytes
packetstorm
packetstorm
Microsoft OMI Management Interface Authentication Bypass
2021-11-10 00:00:00
Microsoft OMI Management Interface Authentication Bypass
2021-10-28 00:00:00
zdt
zdt
Microsoft OMI Management Interface Authentication Bypass Exploit
2021-11-10 00:00:00
Microsoft OMI Management Interface Authentication Bypass Exploit
2021-10-31 00:00:00
metasploit
metasploit
Microsoft OMI Management Interface Authentication Bypass
2021-10-27 16:05:56
Microsoft OMI Management Interface Authentication Bypass
2021-10-25 21:36:55
cve
cve
cvelist
cvelist
saint
saint
Microsoft Azure Open Management Infrastructure remote command execution
2021-09-28 00:00:00
Microsoft Azure Open Management Infrastructure remote command execution
2021-09-28 00:00:00
Microsoft Azure Open Management Infrastructure remote command execution
2021-09-28 00:00:00
githubexploit
githubexploit
Exploit for Improper Initialization in Microsoft
2021-09-26 18:06:00
Exploit for Improper Initialization in Microsoft
2021-09-22 01:05:22
Exploit for Improper Initialization in Microsoft
2021-09-19 15:43:32
nvd
nvd
mscve
mscve
Open Management Infrastructure Elevation of Privilege Vulnerability
2021-09-14 07:00:00
Open Management Infrastructure Elevation of Privilege Vulnerability
2021-09-14 07:00:00
Open Management Infrastructure Remote Code Execution Vulnerability
2021-09-14 07:00:00
cisa_kev
cisa_kev
attackerkb
attackerkb
prion
prion
Privilege escalation
2021-09-15 12:15:00
Privilege escalation
2021-09-15 12:15:00
Remote code execution
2021-09-15 12:15:00
ibm
ibm
nuclei
nuclei
Microsoft Open Management Infrastructure - Remote Code Execution
2021-09-15 16:10:58
checkpoint_advisories
checkpoint_advisories
krebs
krebs
Microsoft Patch Tuesday, September 2021 Edition
2021-09-14 21:00:42
avleonov
avleonov
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday (September 2021) โ Microsoft 60 Vulnerabilities with 3 Critical, Adobe 61 Vulnerabilities
2021-09-14 18:56:17
Qualys Response to CISA Alert: Binding Operational Directive 22-01
2021-11-09 06:15:01
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00