System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
CVE-2022-33640

7.8HIGH

Key Information:

Vendor

Microsoft
Status
Open Management Infrastructure
System Center Operations Manager (scom) 2019
System Center Operations Manager (scom) 2016
System Center Operations Manager (scom) 2022
Vendor
CVE Published:
9 August 2022

What is CVE-2022-33640?

System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability

Affected Version(s)

Open Management Infrastructure Unknown 16.0 < 1.6.10-2

System Center Operations Manager (SCOM) 2016 Unknown 7.6.0 < 7.6.1113.0

System Center Operations Manager (SCOM) 2019 Unknown 10.19.0 < 10.19.1158.0

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2022-33640 : System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability