Lucene search
K

90 matches found

CNNVD
CNNVD
added 2022/06/14 12:0 a.m.5 views

Microsoft Azure 安全漏洞

Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Azure. The following products and versions are affected: Azure Automation State Configuration, DSC Extension, Azure...

7.8CVSS7.7AI score0.0091EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/04/12 12:0 a.m.3 views

PT-2022-3189 · Unknown · Open Management Infrastructure

Name of the Vulnerable Software and Affected Versions: Open Management Infrastructure OMI affected versions not specified Description: The issue is related to an Elevation of Privilege Vulnerability in Open Management Infrastructure OMI, which is associated with inadequate access control...

7.8CVSS9.3AI score0.0091EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2021/12/07 12:0 a.m.7 views

The vulnerability of the enterprise management server through the Internet-based Open Management Infrastructure (OMI) for virtual machine management in Azure allows attackers to escalate their privileges due to lack of access control mechanisms.

The vulnerability of the enterprise management server through the Internet-based Open Management Infrastructure OMI extensions for managing virtual machines in Azure is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.7AI score0.0189EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/12/07 12:0 a.m.7 views

The vulnerability of the enterprise management server through the Internet-based Open Management Infrastructure (OMI) for virtual machine management in Azure allows attackers to escalate their privileges due to lack of access control mechanisms.

The vulnerability of the enterprise management server through the Internet-based Open Management Infrastructure OMI extensions for managing virtual machines in Azure is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.7AI score0.11424EPSS
Exploits4References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/25 12:0 a.m.7 views

The vulnerability of the enterprise management server through the Internet-based Open Management Infrastructure (OMI) for virtual machine management in Azure allows attackers to escalate their privileges due to lack of access control mechanisms.

The vulnerability of the enterprise management server through the Internet-based Open Management Infrastructure OMI extensions for managing virtual machines in Azure is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.7AI score0.02EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/15 12:0 a.m.10 views

The vulnerability of the enterprise management server through the Internet-based Open Management Infrastructure (OMI) for virtual machine management in Azure allows a attacker to execute arbitrary code, resulting in management code generation errors.

The vulnerability of the enterprise management server through the Internet-based Open Management Infrastructure OMI for managing virtual machines in Azure is related to errors in code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS7.6AI score0.99723EPSS
Exploits19References5Affected Software1
CISA KEV Catalog
CISA KEV Catalog
added 2021/11/03 12:0 a.m.17 views

Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability

Microsoft Open Management Infrastructure OMI within Azure VM Management Extensions contains an unspecified vulnerability that allows for privilege escalation...

7.8CVSS7.6AI score0.0189EPSS
In wildExploits0
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/30 3:2 p.m.39 views

Security Bulletin: IBM QRadar Azure marketplace images include Open Management Infrastructure RPM, which is vulnerable to Remote Code Execution (CVE-2021-38647)

Summary IBM QRadar Azure marketplace images include the Open Management Infrastructure RPM which is vulnerable to CVE-2021-38647. Although we do not expose the affected port, we suggest updating out of an abundance of caution. Vulnerability Details CVEID: CVE-2021-38647 DESCRIPTION: Microsoft Azu...

9.8CVSS1.4AI score0.99723EPSS
Exploits19Affected Software1
Saint
Saint
added 2021/09/28 12:0 a.m.84 views

Microsoft Azure Open Management Infrastructure remote command execution

Added: 09/28/2021 Background Microsoft Azure Open Management Infrastructure is an open source project to further the development of a production quality implementation of the DMTF CIM/WBEM standards. Problem A vulnerability in Open Management Infrastructure allows remote attackers to execute...

9.8CVSS8AI score0.99723EPSS
Exploits19
Saint
Saint
added 2021/09/28 12:0 a.m.92 views

Microsoft Azure Open Management Infrastructure remote command execution

Added: 09/28/2021 Background Microsoft Azure Open Management Infrastructure is an open source project to further the development of a production quality implementation of the DMTF CIM/WBEM standards. Problem A vulnerability in Open Management Infrastructure allows remote attackers to execute...

9.8CVSS8AI score0.99723EPSS
Exploits19
Check Point Advisories
Check Point Advisories
added 2021/09/21 12:0 a.m.6 views

Microsoft Open Management Infrastructure Remote Code Execution (CVE-2021-38647)

A remote code execution vulnerability exists in Microsoft Open Management Infrastructure. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS8AI score0.99723EPSS
Exploits19
Tenable Nessus
Tenable Nessus
added 2021/09/20 12:0 a.m.130 views

Microsoft Open Management Infrastructure RCE (CVE-2021-38647)

Binary data omicve-2021-38647.nbin...

9.8CVSS7.3AI score0.99723EPSS
Exploits19References4
GithubExploit
GithubExploit
added 2021/09/18 3:25 p.m.224 views

Exploit for CVE-2021-38647

It is an offensive tool for testing CVE-2021-38647, a vulnerabil...

9.8CVSS8.4AI score0.99723EPSS
Exploits19
VulnCheck KEV
VulnCheck KEV
added 2021/09/17 12:0 a.m.4 views

VulnCheck KEV: CVE-2021-38648

Microsoft Open Management Infrastructure OMI within Azure VM Management Extensions contains an unspecified vulnerability allowing privilege escalation...

7.8CVSS7.3AI score0.11424EPSS
Exploits4References1
Tenable Nessus
Tenable Nessus
added 2021/09/17 12:0 a.m.176 views

Microsoft Open Management Infrastructure < 1.6.8.1 Multiple Vulnerabilities

The version of Azure Open Management Infrastructure installed on the remote host is prior to 1.6.8.1. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability exists in the OMI agent. An unauthenticated, remote attacker can exploit this to bypass...

9.8CVSS8.7AI score0.99723EPSS
Exploits20References6
VulnCheck KEV
VulnCheck KEV
added 2021/09/17 12:0 a.m.5 views

VulnCheck KEV: CVE-2021-38645

Microsoft Open Management Infrastructure OMI within Azure VM Management Extensions contains an unspecified vulnerability that allows for privilege escalation...

7.8CVSS7.3AI score0.0189EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2021/09/17 12:0 a.m.6 views

VulnCheck KEV: CVE-2021-38649

Microsoft Open Management Infrastructure OMI within Azure VM Management Extensions contains an unspecified vulnerability allowing privilege escalation...

7.8CVSS7.3AI score0.02EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/09/16 12:0 a.m.22 views

Microsoft Open Management Infrastructure Detection (Unix / Linux)

Binary data microsoftominixinstalled.nbin...

7.3AI score
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2021/09/16 12:0 a.m.4 views

VulnCheck KEV: CVE-2021-38647

Microsoft Open Management Infrastructure OMI within Azure VM Management Extensions contains an unspecified vulnerability allowing remote code execution...

9.8CVSS7.2AI score0.99723EPSS
Exploits19References1
The Hacker News
The Hacker News
added 2021/09/15 6:36 p.m.171 views

Critical Flaws Discovered in Azure App That Microsoft Secretly Installs on Linux VMs

Microsoft on Tuesday addressed a quartet of security flaws as part of its Patch Tuesday updates that could be abused by adversaries to target Azure cloud customers and elevate privileges as well as allow for remote takeover of vulnerable systems. The list of flaws, collectively called OMIGOD by...

9.8CVSS0.5AI score0.99723EPSS
Exploits20
Rows per page
Query Builder