cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-21334,https://securityvulnerability.io/vulnerability/CVE-2024-21334,OMI Remote Code Execution Flaw Allows Attackers to Take Control of Systems,"A vulnerability exists in the Open Management Infrastructure (OMI) that allows for remote code execution, potentially enabling an attacker to execute arbitrary code on affected systems. This can lead to unauthorized access, data manipulation, and other malicious activities if proper mitigation measures are not taken. Organizations utilizing OMI should prioritize reviewing their deployments and applying necessary updates to safeguard their systems.",Microsoft,"System Center Operations Manager (scom) 2019,System Center Operations Manager (scom) 2022,Open Management Infrastructure",9.8,CRITICAL,0.0005300000193528831,false,false,false,true,true,false,false,2024-03-12T16:57:57.499Z,0
CVE-2024-21330,https://securityvulnerability.io/vulnerability/CVE-2024-21330,Elevation of Privilege Vulnerability Affects Open Management Infrastructure,"The Open Management Infrastructure (OMI) contains an elevation of privilege vulnerability that can be exploited by an authenticated attacker to gain elevated permissions on the affected system. Successfully exploiting this vulnerability allows the attacker to perform actions with higher privileges, potentially compromising the integrity and availability of the system. Users should ensure that they are running the latest version of OMI to mitigate the risks associated with this vulnerability. For further details, refer to the Microsoft Security Response Center.",Microsoft,"System Center Operations Manager (scom) 2019,System Center Operations Manager (scom) 2022,Azure Automation,Azure Automation Update Management,Azure Sentinel,Container Monitoring Solution,Azure Hdinsight,Open Management Infrastructure,Azure Security Center,Log Analytics Agent",7.8,HIGH,0.0004199999966658652,false,false,false,false,,false,false,2024-03-12T16:57:56.930Z,0
CVE-2023-36043,https://securityvulnerability.io/vulnerability/CVE-2023-36043,Open Management Infrastructure Information Disclosure Vulnerability,Open Management Infrastructure Information Disclosure Vulnerability,Microsoft,"System Center Operations Manager (scom) 2022,System Center Operations Manager (scom) 2019,System Center Operations Manager (scom) 2016",6.5,MEDIUM,0.0006200000061653554,false,false,false,false,,false,false,2023-11-14T18:15:00.000Z,0
CVE-2022-33640,https://securityvulnerability.io/vulnerability/CVE-2022-33640,System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability,System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability,Microsoft,"Open Management Infrastructure,System Center Operations Manager (scom) 2019,System Center Operations Manager (scom) 2016,System Center Operations Manager (scom) 2022",7.8,HIGH,0.0006699999794363976,false,false,false,false,,false,false,2022-08-09T19:50:03.000Z,0
CVE-2022-29149,https://securityvulnerability.io/vulnerability/CVE-2022-29149,Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability,Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability,Microsoft,"Azure Automation State Configuration, Dsc Extension,Azure Automation Update Management,Log Analytics Agent,Azure Diagnostics (lad),Container Monitoring Solution,Azure Security Center,Azure Sentinel,Azure Stack Hub,Open Management Infrastructure,System Center Operations Manager (scom) 2022,System Center Operations Manager (scom) 2019,System Center Operations Manager (scom) 2016",7.8,HIGH,0.0006699999794363976,false,false,false,false,,false,false,2022-06-15T21:51:17.000Z,0
CVE-2021-41352,https://securityvulnerability.io/vulnerability/CVE-2021-41352,SCOM Information Disclosure Vulnerability,SCOM Information Disclosure Vulnerability,Microsoft,"System Center 2016 Operations Manager,System Center 2019 Operations Manager,System Center 2012 R2 Operations Manager",7.5,HIGH,0.05697000026702881,false,false,false,false,,false,false,2021-10-13T00:28:15.000Z,0
CVE-2021-38649,https://securityvulnerability.io/vulnerability/CVE-2021-38649,Open Management Infrastructure Elevation of Privilege Vulnerability,Open Management Infrastructure Elevation of Privilege Vulnerability,Microsoft,"Open Management Infrastructure,System Center Operations Manager (scom),Azure Automation State Configuration, Dsc Extension,Azure Automation Update Management,Log Analytics Agent,Azure Diagnostics (lad),Container Monitoring Solution,Azure Security Center,Azure Sentinel,Azure Stack Hub",7,HIGH,0.000590000010561198,true,false,false,true,,false,false,2021-09-15T11:24:09.000Z,0
CVE-2021-38648,https://securityvulnerability.io/vulnerability/CVE-2021-38648,Open Management Infrastructure Elevation of Privilege Vulnerability,Open Management Infrastructure Elevation of Privilege Vulnerability,Microsoft,"Open Management Infrastructure,System Center Operations Manager (scom),Azure Automation State Configuration, Dsc Extension,Azure Automation Update Management,Log Analytics Agent,Azure Diagnostics (lad),Container Monitoring Solution,Azure Security Center,Azure Sentinel,Azure Stack Hub",7.8,HIGH,0.9582399725914001,true,false,false,true,,false,false,2021-09-15T11:24:08.000Z,0
CVE-2021-38647,https://securityvulnerability.io/vulnerability/CVE-2021-38647,Open Management Infrastructure Remote Code Execution Vulnerability,Open Management Infrastructure Remote Code Execution Vulnerability,Microsoft,"Open Management Infrastructure,System Center Operations Manager (scom),Azure Automation State Configuration, Dsc Extension,Azure Automation Update Management,Log Analytics Agent,Azure Diagnostics (lad),Container Monitoring Solution,Azure Security Center,Azure Sentinel,Azure Stack Hub",9.8,CRITICAL,0.9731600284576416,true,false,true,true,true,false,false,2021-09-15T11:24:07.000Z,0
CVE-2021-38645,https://securityvulnerability.io/vulnerability/CVE-2021-38645,Open Management Infrastructure Elevation of Privilege Vulnerability,Open Management Infrastructure Elevation of Privilege Vulnerability,Microsoft,"Open Management Infrastructure,System Center Operations Manager (scom),Azure Automation State Configuration, Dsc Extension,Azure Automation Update Management,Log Analytics Agent,Azure Diagnostics (lad),Container Monitoring Solution,Azure Security Center,Azure Sentinel,Azure Stack Hub",7.8,HIGH,0.000590000010561198,true,false,false,true,,false,false,2021-09-15T11:24:05.000Z,0
CVE-2021-1728,https://securityvulnerability.io/vulnerability/CVE-2021-1728,System Center Operations Manager Elevation of Privilege Vulnerability,System Center Operations Manager Elevation of Privilege Vulnerability,Microsoft,System Center 2019 Operations Manager,8.8,HIGH,0.0022299999836832285,false,false,false,false,,false,false,2021-02-25T23:01:29.000Z,0
CVE-2020-1331,https://securityvulnerability.io/vulnerability/CVE-2020-1331,,"A spoofing vulnerability exists when System Center Operations Manager (SCOM) does not properly sanitize a specially crafted web request to an affected SCOM instance, aka 'System Center Operations Manager Spoofing Vulnerability'.",Microsoft,System Center 2016 Operations Manager,5.4,MEDIUM,0.0005300000193528831,false,false,false,false,,false,false,2020-06-09T19:44:11.000Z,0
CVE-2015-2420,https://securityvulnerability.io/vulnerability/CVE-2015-2420,,"Cross-site scripting (XSS) vulnerability in Microsoft System Center 2012 Operations Manager Gold before Rollup 8, SP1 before Rollup 10, and R2 before Rollup 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka ""System Center Operations Manager Web Console XSS Vulnerability.""",Microsoft,System Center Operations Manager,,,0.02833000011742115,false,false,false,false,,false,false,2015-08-15T00:00:00.000Z,0
CVE-2013-0009,https://securityvulnerability.io/vulnerability/CVE-2013-0009,,"Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and R2 allows remote attackers to inject arbitrary web script or HTML via crafted input, aka ""System Center Operations Manager Web Console XSS Vulnerability,"" a different vulnerability than CVE-2013-0010.",Microsoft,System Center Operations Manager,,,0.22182999551296234,false,false,false,false,,false,false,2013-01-09T18:00:00.000Z,0
CVE-2013-0010,https://securityvulnerability.io/vulnerability/CVE-2013-0010,,"Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and R2 allows remote attackers to inject arbitrary web script or HTML via crafted input, aka ""System Center Operations Manager Web Console XSS Vulnerability,"" a different vulnerability than CVE-2013-0009.",Microsoft,System Center Operations Manager,,,0.22182999551296234,false,false,false,false,,false,false,2013-01-09T18:00:00.000Z,0