CVE-2026-20967

EPSS 0.09%
Veröffentlicht 10.03.2026 17:05:06
Zuletzt bearbeitet 13.03.2026 17:11:29
Quelle secure@microsoft.com
CVE-Watchlists
Login
Unerledigt
Login

System Center Operations Manager (SCOM) Elevation of Privilege Vulnerability

Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privileges over a network.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

NVD 20 VulnDex Vulnerability Enrichment 3

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ System Center Operations Manager Version2019 Update-

Microsoft ≫ System Center Operations Manager Version2019 Updateupdate_rollup_1

Microsoft ≫ System Center Operations Manager Version2019 Updateupdate_rollup_1_hotfix

Microsoft ≫ System Center Operations Manager Version2019 Updateupdate_rollup_2

Microsoft ≫ System Center Operations Manager Version2019 Updateupdate_rollup_2_hotfix

Microsoft ≫ System Center Operations Manager Version2019 Updateupdate_rollup_3

Microsoft ≫ System Center Operations Manager Version2019 Updateupdate_rollup_3_hotfix

Microsoft ≫ System Center Operations Manager Version2019 Updateupdate_rollup_4

Microsoft ≫ System Center Operations Manager Version2019 Updateupdate_rollup_4_hotfix

Microsoft ≫ System Center Operations Manager Version2019 Updateupdate_rollup_5

Microsoft ≫ System Center Operations Manager Version2019 Updateupdate_rollup_5_hotfix

Microsoft ≫ System Center Operations Manager Version2019 Updateupdate_rollup_6

Microsoft ≫ System Center Operations Manager Version2022 Update-

Microsoft ≫ System Center Operations Manager Version2022 Updateupdate_rollup_1

Microsoft ≫ System Center Operations Manager Version2022 Updateupdate_rollup_1_hotfix

Microsoft ≫ System Center Operations Manager Version2022 Updateupdate_rollup_2

Microsoft ≫ System Center Operations Manager Version2022 Updateupdate_rollup_2_hotfix

Microsoft ≫ System Center Operations Manager Version2022 Updateupdate_rollup_3

Microsoft ≫ System Center Operations Manager Version2025 Update-

Microsoft ≫ System Center Operations Manager Version2025 Updateupdate_rollup_1

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.09%	0.245

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
secure@microsoft.com	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20967

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-20967

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-20967

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-20967

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-20967