System Center Operations Manager Security Vulnerabilities and Issues — System Center Operations Manager CVE List

Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and R2 allows remote attackers to inject arbitrary web script or HTML via crafted input, aka "System Center Operations Manager Web Console XSS Vulnerability," a different vulnerability than CVE-2013-0009...

4.3CVSS5AI score0.24926EPSS

CVE•added 2020/12/10 12:15 a.m.•121 views

CVE-2020-17152

Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.11968EPSS

CVE•added 2020/12/10 12:15 a.m.•118 views

CVE-2020-17158

Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.11968EPSS

CVE•added 2013/01/09 6:9 p.m.•113 views

CVE-2013-0009

4.3CVSS5AI score0.24926EPSS

CVE•added 2022/08/09 8:15 p.m.•111 views

CVE-2022-33640

System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00658EPSS

CVE•added 2023/07/14 6:15 p.m.•106 views

CVE-2023-24896

Dynamics 365 Finance Spoofing Vulnerability

5.4CVSS5.4AI score0.00343EPSS

CVE•added 2021/05/11 7:15 p.m.•102 views

CVE-2021-28461

Dynamics Finance and Operations Cross-site Scripting Vulnerability

6.1CVSS6.1AI score0.00847EPSS

CVE•added 2021/02/25 11:15 p.m.•92 views

CVE-2021-1728

System Center Operations Manager Elevation of Privilege Vulnerability

8.8CVSS8.7AI score0.00576EPSS

CVE•added 2021/10/13 1:15 a.m.•91 views

CVE-2021-41352

SCOM Information Disclosure Vulnerability

7.5CVSS7.2AI score0.09515EPSS

CVE•added 2025/04/08 6:16 p.m.•86 views

CVE-2025-27743

Untrusted search path in System Center allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00133EPSS

CVE•added 2020/08/17 7:15 p.m.•83 views

CVE-2020-1182

A remote code execution vulnerability exists in Microsoft Dynamics 365 for Finance and Operations (on-premises) version 10.0.11. An attacker who successfully exploited this vulnerability could gain remote code execution via server-side script execution on the victim server.An authenticated attacker...

8CVSS7.5AI score0.1591EPSS

CVE•added 2023/11/14 6:15 p.m.•81 views

CVE-2023-36043

Open Management Infrastructure Information Disclosure Vulnerability

6.5CVSS6.5AI score0.00245EPSS

CVE•added 2020/09/11 5:15 p.m.•68 views

CVE-2020-16857

8.8CVSS7.2AI score0.0073EPSS

CVE•added 2024/12/12 2:0 a.m.•68 views

CVE-2024-43594

Microsoft System Center Elevation of Privilege Vulnerability

7.3CVSS7.1AI score0.00112EPSS

CVE•added 2020/06/09 8:15 p.m.•67 views

CVE-2020-1331

A spoofing vulnerability exists when System Center Operations Manager (SCOM) does not properly sanitize a specially crafted web request to an affected SCOM instance, aka 'System Center Operations Manager Spoofing Vulnerability'.

5.4CVSS6.2AI score0.00341EPSS

CVE•added 2023/12/12 6:15 p.m.•61 views

CVE-2023-35621

Microsoft Dynamics 365 Finance and Operations Denial of Service Vulnerability

7.5CVSS7.5AI score0.00555EPSS

CVE•added 2023/09/12 5:15 p.m.•59 views

CVE-2023-36800

Dynamics Finance and Operations Cross-site Scripting Vulnerability

7.6CVSS6.3AI score0.00228EPSS

CVE•added 2015/08/15 12:59 a.m.•55 views

CVE-2015-2420

Cross-site scripting (XSS) vulnerability in Microsoft System Center 2012 Operations Manager Gold before Rollup 8, SP1 before Rollup 10, and R2 before Rollup 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "System Center Operations Manager Web Console XSS Vuln...

4.3CVSS5AI score0.14542EPSS