CVE-2024-21334: Open Management Infrastructure (OMI) Remote Code Execution Vulnerability

Overview

Severity

Critical (CVSS 9.8)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Category

Remote Code Execution

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2024-Mar

Released

2024-03-12

EPSS Score

6.95% (percentile: 91.4%)

FAQ

How could an attacker exploit this vulnerability? A remote unauthenticated attacker could access the OMI instance from the Internet and send specially crafted requests to trigger a use-after-free vulnerability. Is there any action customers need to take to protect themselves against this vulnerability? Customers running affected versions of SCOM (System Center Operations Manager) should update to OMI version 1.8.1-0.

Affected Products (3)

System Center

• System Center Operations Manager (SCOM) 2019
• System Center Operations Manager (SCOM) 2022

Azure

• Open Management Infrastructure

Security Updates (3)

• Release Notes
• Release Notes
• Release Notes

Acknowledgments

Wei in Kunlun Lab with <a href="https://www.cyberkl.com/">Cyber KunLun</a>, Wei in Kunlun Lab with <a href="https://www.cyberkl.com/">Cyber KunLun</a>

Revision History

• 2024-03-12: Information published.