Azure Automation Security Vulnerabilities

CVE-2024-21330

Open Management Infrastructure (OMI) Elevation of Privilege...

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October...

CVE-2022-29149

Azure Open Management Infrastructure (OMI) Elevation of Privilege...

CVE-2021-42306

An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential on an Azure AD Application or Service Principal (which is not recommended). This vulnerability allows a user or service in...

CVE-2021-38647

Open Management Infrastructure Remote Code Execution...

CVE-2021-38648

Open Management Infrastructure Elevation of Privilege...

CVE-2021-38649

Open Management Infrastructure Elevation of Privilege...

CVE-2021-38645

Open Management Infrastructure Elevation of Privilege...

CVE-2019-0962

An elevation of privilege vulnerability exists in Azure Automation "RunAs account" runbooks for users with contributor role, aka 'Azure Automation Elevation of Privilege...