Lucene search
HistoryMar 12, 2024 - 5:15 p.m.
CVE-2024-21334
cve-2024-21334
open management infrastructure
omi
remote code execution
vulnerability
nvd
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.5 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.3%
Open Management Infrastructure (OMI) Remote Code Execution Vulnerability
Affected configurations
Node
microsoftsystem_center_operations_manager_(scom)_2019Range10.19.0–10.19.1253.0
ORmicrosoftsystem_center_operations_manager_(scom)_2022Range10.22.0–10.22.1070.0
ORmicrosoftopen_management_infrastructureRange16.0–1.8.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | system_center_operations_manager_(scom)_2019 | * | cpe:2.3:a:microsoft:system_center_operations_manager_(scom)_2019:*:*:*:*:*:*:*:* |
| microsoft | system_center_operations_manager_(scom)_2022 | * | cpe:2.3:a:microsoft:system_center_operations_manager_(scom)_2022:*:*:*:*:*:*:*:* |
| microsoft | open_management_infrastructure | * | cpe:2.3:a:microsoft:open_management_infrastructure:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "System Center Operations Manager (SCOM) 2019",
"cpes": [
"cpe:2.3:a:microsoft:system_center_operations_manager:2019:-:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "10.19.0",
"lessThan": "10.19.1253.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "System Center Operations Manager (SCOM) 2022",
"cpes": [
"cpe:2.3:a:microsoft:system_center_operations_manager:2022:-:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "10.22.0",
"lessThan": "10.22.1070.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Open Management Infrastructure",
"cpes": [
"cpe:2.3:a:microsoft:open_management_infrastructure:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "16.0",
"lessThan": "OMI version 1.8.1-0",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
prion
prion
Remote code execution
2024-03-12 17:15:00
mscve
mscve
Open Management Infrastructure (OMI) Remote Code Execution Vulnerability
2024-03-12 07:00:00
nvd
nvd
CVE-2024-21334
2024-03-12 17:15:49
ibm
ibm
cvelist
cvelist
vulnrichment
vulnrichment
nessus
nessus
Security Updates for Microsoft Open Management Infrastructure (March 2024)
2024-03-20 00:00:00
Security Updates for Microsoft System Center Management Pack (March 2024)
2024-03-12 00:00:00
malwarebytes
malwarebytes
Microsoft Patch Tuesday March 2024 includes critical Hyper-V flaws
2024-03-13 15:13:40
talosblog
talosblog
kaspersky
kaspersky
KLA65124 Multiple vulnerabilities in Microsoft System Center
2024-03-12 00:00:00
KLA65131 Multiple vulnerabilities in Microsoft Azure
2024-03-12 00:00:00
krebs
krebs
Patch Tuesday, March 2024 Edition
2024-03-12 20:36:33
thn
thn
rapid7blog
rapid7blog
Patch Tuesday - March 2024
2024-03-12 19:47:44
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.5 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.3%
Related for CVE-2024-21334