Lucene search
+L

25 matches found

GithubExploit
GithubExploit
added 2024/03/13 8:5 p.m.382 views

Exploit for CVE-2021-38647

CVE-2021-38647 AKA "OMIGOD" A Zeek package which detects CVE-2...

9.8CVSS7.6AI score0.99723EPSS
Exploits19
0day.today
0day.today
added 2021/10/31 12:0 a.m.490 views

Microsoft OMI Management Interface Authentication Bypass Exploit

By removing the authentication header, an attacker can issue an HTTP request to the OMI management endpoint that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 released September 8th 2021. This module requires Metasploi...

9.8CVSS1.1AI score0.99723EPSS
Exploits19
Rapid7 Blog
Rapid7 Blog
added 2021/10/29 5:59 p.m.620 views

Metasploit Wrap-Up

OMIGOD It's RCE We are excited to announce that we now have a module for the OMIGOD vulnerability that exploits CVE-2021-38647 courtesy of our very own Spencer McIntyre! Successful exploitation will allow an unauthenticated attacker to gain root level code execution against affected servers. Give...

10CVSS0.6AI score0.99992EPSS
Exploits206
Packet Storm
Packet Storm
added 2021/10/28 12:0 a.m.519 views

Microsoft OMI Management Interface Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCXOperatingSystem' .freeze def initializeinfo = super updateinfo info, 'Name' = 'Microsoft OMI...

7.5CVSS1AI score0.99723EPSS
Exploits19
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/30 3:2 p.m.39 views

Security Bulletin: IBM QRadar Azure marketplace images include Open Management Infrastructure RPM, which is vulnerable to Remote Code Execution (CVE-2021-38647)

Summary IBM QRadar Azure marketplace images include the Open Management Infrastructure RPM which is vulnerable to CVE-2021-38647. Although we do not expose the affected port, we suggest updating out of an abundance of caution. Vulnerability Details CVEID: CVE-2021-38647 DESCRIPTION: Microsoft Azu...

9.8CVSS1.4AI score0.99723EPSS
Exploits19Affected Software1
Saint
Saint
added 2021/09/28 12:0 a.m.85 views

Microsoft Azure Open Management Infrastructure remote command execution

Added: 09/28/2021 Background Microsoft Azure Open Management Infrastructure is an open source project to further the development of a production quality implementation of the DMTF CIM/WBEM standards. Problem A vulnerability in Open Management Infrastructure allows remote attackers to execute...

9.8CVSS8AI score0.99723EPSS
Exploits19
Saint
Saint
added 2021/09/28 12:0 a.m.94 views

Microsoft Azure Open Management Infrastructure remote command execution

Added: 09/28/2021 Background Microsoft Azure Open Management Infrastructure is an open source project to further the development of a production quality implementation of the DMTF CIM/WBEM standards. Problem A vulnerability in Open Management Infrastructure allows remote attackers to execute...

9.8CVSS8AI score0.99723EPSS
Exploits19
GithubExploit
GithubExploit
added 2021/09/22 3:20 p.m.101 views

Exploit for CVE-2021-38647

cve-2021-38647 https://github.com/corelight/CVE-2021-38647 wit...

9.8CVSS7.9AI score0.99723EPSS
Exploits19
Check Point Advisories
Check Point Advisories
added 2021/09/21 12:0 a.m.11 views

Microsoft Open Management Infrastructure Remote Code Execution (CVE-2021-38647)

A remote code execution vulnerability exists in Microsoft Open Management Infrastructure. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS8AI score0.99723EPSS
Exploits19
Tenable Nessus
Tenable Nessus
added 2021/09/20 12:0 a.m.130 views

Microsoft Open Management Infrastructure RCE (CVE-2021-38647)

Binary data omicve-2021-38647.nbin...

9.8CVSS7.3AI score0.99723EPSS
Exploits19References4
GithubExploit
GithubExploit
added 2021/09/18 3:25 p.m.261 views

Exploit for CVE-2021-38647

It is an offensive tool for testing CVE-2021-38647, a vulnerabil...

9.8CVSS8.4AI score0.99723EPSS
Exploits19
Tenable Nessus
Tenable Nessus
added 2021/09/17 12:0 a.m.1274 views

Microsoft Open Management Infrastructure (OMI) package < 1.6.8-1 Multiple Vulnerabilities

The version of Microsoft Open Management Infrastructure OMI package installed on the remote host is prior to 1.6.8-1. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability exists in the OMI agent. An unauthenticated, remote attacker can exploit this to...

9.8CVSS8.7AI score0.99723EPSS
Exploits20References7
ThreatPost
ThreatPost
added 2021/09/16 11:37 a.m.47 views

Azure Zero-Day Bugs Show Lurking Supply-Chain Risk

Four Microsoft zero-day vulnerabilities in the Azure cloud platform’s Open Management Infrastructure OMI — a software that many don’t know is embedded in a host of services — show that OMI represents a significant security blind spot, researchers said. Collectively dubbed “OMIGOD” because of the...

9.8CVSS9AI score0.99723EPSS
Exploits20References12
MSRC
MSRC
added 2021/09/16 7:0 a.m.43 views

Additional Guidance Regarding OMI Vulnerabilities within Azure VM Management Extensions

Last updated on October 5, 2021: See revision history located at the end of the post for changes. On September 14, 2021, Microsoft released fixes for three Elevation of Privilege EoP vulnerabilities and one unauthenticated Remote Code Execution RCE vulnerability in the Open Management...

9.8CVSS7.8AI score0.99723EPSS
Exploits20
GithubExploit
GithubExploit
added 2021/09/16 2:11 a.m.238 views

Exploit for CVE-2021-38647

OMIGOD Proof on Concept Exploit for CVE-2021-38647 OMIGOD F...

9.8CVSS7.6AI score0.99723EPSS
Exploits19
GithubExploit
GithubExploit
added 2021/09/15 9:44 p.m.157 views

Exploit for CVE-2021-38647

CVE-2021-38647 This is a POC for CVE-2021-38647 : Send a PO...

9.8CVSS7.8AI score0.99723EPSS
Exploits19
Rapid7 Blog
Rapid7 Blog
added 2021/09/15 2:30 p.m.341 views

OMIGOD: How to Automatically Detect and Fix Microsoft Azure’s New OMI Vulnerability

Update: On September 16, 2021, Microsoft released an updated OMS agent v1.13.40-0 that addresses these vulnerabilities. You can download the updated version from Microsoft's GitHub repo here. In response, our team is updating the pre-built insight in InsightCloudSec to specifically look for...

7.5CVSS1.6AI score0.99723EPSS
Exploits20
NVD
NVD
added 2021/09/15 12:15 p.m.21 views

CVE-2021-38647

Open Management Infrastructure Remote Code Execution Vulnerability...

9.8CVSS0.99723EPSS
Exploits19References3
Vulnrichment
Vulnrichment
added 2021/09/15 11:24 a.m.5 views

CVE-2021-38647 Open Management Infrastructure Remote Code Execution Vulnerability

...

9.8CVSS9.7AI score0.99723EPSS
Exploits19References2
Cvelist
Cvelist
added 2021/09/15 11:24 a.m.23 views

CVE-2021-38647 Open Management Infrastructure Remote Code Execution Vulnerability

...

9.8CVSS9.6AI score0.99723EPSS
Exploits19References2
Rows per page
Query Builder