← Back

CVE-2021-38648

nvd nist
Published: Sep 15, 2021Modified: Oct 30, 2025CISA KEV

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD (Secondary)

Description

Open Management Infrastructure Elevation of Privilege Vulnerability

Affected (10)

Microsoft
10 products
Azure Automation State Configuration
Azure Automation Update Management
Azure Diagnostics (lad)
Azure Open Management Infrastructure
Azure Security Center
Azure Sentinel
Azure Stack Hub
Container Monitoring Solution
Log Analytics Agent
System Center Operations Manager
Configuration A
10 vulnerable
Vulnerable SoftwareAffected Versions
Azure Automation State Configuration
All versions
Azure Automation Update Management
All versions
Azure Diagnostics (lad)
All versions
Azure Open Management Infrastructure
All versions
Azure Security Center
All versions
Azure Sentinel
All versions
Azure Stack Hub
All versions
Container Monitoring Solution
All versions
Log Analytics Agent
All versions
System Center Operations Manager
All versions

References (5)

Source: secure@microsoft.com
ExploitThird Party AdvisoryVDB Entry
Source: secure@microsoft.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource

Timeline

No history available yet.