module
Microsoft OMI Management Interface Authentication Bypass
| Disclosed |
|---|
| Sep 14, 2021 |
Disclosed
Sep 14, 2021
Description
By removing the authentication header, an attacker can issue an HTTP request to the OMI management endpoint
that will cause it to execute an operating system command as the root user. This vulnerability was patched in
OMI version 1.6.8-1 (released September 8th 2021).
that will cause it to execute an operating system command as the root user. This vulnerability was patched in
OMI version 1.6.8-1 (released September 8th 2021).
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.