Published: 15/09/2021 Updated: 28/12/2023

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1

VMScore: 410

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Subscribe to System Center Operations Manager

Open Management Infrastructure Elevation of Privilege Vulnerability

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft system center operations manager -
microsoft azure automation state configuration -
microsoft azure automation update management -
microsoft azure diagnostics \\(lad\\) -
microsoft azure open management infrastructure -
microsoft azure security center -
microsoft azure sentinel -
microsoft azure stack hub -
microsoft container monitoring solution -
microsoft log analytics agent -

Script to check for the presence of OMS agents on VMs in Azure

Omigod-Check While recently reading about a critical bug in Azure Linux VMs, I wondered if we were susceptible This script can be run to see which VMs are potentially vulnerable From the article: To make things worse, there is no auto-update mechanism Microsoft can use to update the vulnerable agents on all Azure Linux machines, which means that customers have to upgrade it

OMIGOD-OMSAgentInfo PowerShell Scripts created to detect machines afected by OMI vulnerability: CVE-2021-38645, CVE-2021-38649, CVE-2021-38648, and CVE-2021-38647, based on OMS Agent version from clients Please to check OMI versions inside Azure VMs, refers to this other script: OMIcheck Additional Guidance Regarding OMI Vulnerabilities within Azure VM Management Extensions Ch

NVD-CWE-noinfo https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38649 https://nvd.nist.gov https://github.com/sbiqbe/omigod-check

CVE-2021-38649

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect