CyberSec.Space Logo
CVEブラウザに戻る

CVE-2021-38648

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score26.8460%
EPSS Percentile93.53th
Published2021年9月15日
Last Modified2025年10月30日

Vulnerability Description

Open Management Infrastructure Elevation of Privilege Vulnerability

Affected Platforms (CPE)

📦
Microsoft

Azure Automation State Configuration

All versions
📦
Microsoft

Azure Automation Update Management

All versions
📦
Microsoft

Azure Diagnostics \(lad\)

All versions
📦
Microsoft

Azure Open Management Infrastructure

All versions
📦
Microsoft

Azure Security Center

All versions
📦
Microsoft

Azure Sentinel

All versions
📦
Microsoft

Azure Stack Hub

All versions
📦
Microsoft

Container Monitoring Solution

All versions
📦
Microsoft

Log Analytics Agent

All versions
📦
Microsoft

System Center Operations Manager

All versions

References & Advisories

🔗 http://packetstormsecurity.com/files/164925/Microsoft-OMI-Management-Interface-Authentication-Bypass.html
🔗 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38648
🔗 http://packetstormsecurity.com/files/164925/Microsoft-OMI-Management-Interface-Authentication-Bypass.html
🔗 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38648
🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-38648

関連する脆弱性情報

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...

CVE-2026-121886.3

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules...