Sep 2021: Open Management Infrastructure Elevation of Privilege Vulnerability
CVE-2021-38648 Published on September 15, 2021
Open Management Infrastructure Elevation of Privilege Vulnerability
Open Management Infrastructure Elevation of Privilege Vulnerability
Known Exploited Vulnerability
This Microsoft Azure Open Management Infrastructure (OMI) Privilege Escalation Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Open Management Infrastructure Privilege Escalation Vulnerability.
The following remediation steps are recommended / required by November 17, 2021: Apply updates per vendor instructions.
Products Associated with CVE-2021-38648
Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.
Affected Versions
Microsoft Open Management Infrastructure:- Version 16.0 and below OMI Version 1.6.8-1 is affected.
- Version 1.0.0 and below OMI version: 1.6.8-1 is affected.
- Version 2.0.0 and below DSC Agent versions: 2.71.1.25, 2.70.0.30, 3.0.0.3 is affected.
- Version 1.0.0 and below OMS Agent for Linux GA v1.13.40-0 is affected.
- Version 1.0.0 and below OMS Agent for Linux GA v1.13.40-0 is affected.
- Version 3.0.0 and below LAD v4.0.13 and LAD v3.0.135 is affected.
- Version 1.0.0 and below publication is affected.
- Version 1.0.0 and below OMS Agent for Linux GA v1.13.40-0 is affected.
- Version 1.0.0 and below OMS Agent for Linux GA v1.13.40-0 is affected.
- Version 1.0.0 and below Monitor, Update and Config Mgmnt 1.14.01 is affected.
- Version 1.0.0 and below 3.1.135 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.