7.8
CVE-2021-38645
- EPSS 11.55%
- Veröffentlicht 15.09.2021 12:15:14
- Zuletzt bearbeitet 30.10.2025 19:14:04
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
LoginOpen Management Infrastructure Elevation of Privilege Vulnerability
Open Management Infrastructure Elevation of Privilege Vulnerability
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Azure Automation State Configuration Version-
Microsoft ≫ Azure Automation Update Management Version-
Microsoft ≫ Azure Open Management Infrastructure Version-
Microsoft ≫ Azure Security Center Version-
Microsoft ≫ Azure Sentinel Version-
Microsoft ≫ Azure Stack Hub Version-
Microsoft ≫ Container Monitoring Solution Version-
Microsoft ≫ Log Analytics Agent Version-
Microsoft ≫ System Center Operations Manager Version-
03.11.2021: CISA Known Exploited Vulnerabilities (KEV) Catalog
Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability
SchwachstelleMicrosoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability that allows for privilege escalation.
BeschreibungApply updates per vendor instructions.
Erforderliche Maßnahmen| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 11.55% | 0.936 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| secure@microsoft.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|