module
Microsoft OMI Management Interface Authentication Bypass
| Disclosed |
|---|
| Sep 14, 2021 |
Disclosed
Sep 14, 2021
Description
By removing the authentication exchange, an attacker can issue requests to the local OMI management socket
that will cause it to execute an operating system command as the root user. This vulnerability was patched in
OMI version 1.6.8-1 (released September 8th 2021).
that will cause it to execute an operating system command as the root user. This vulnerability was patched in
OMI version 1.6.8-1 (released September 8th 2021).
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.