CVE-2024-21330
CVSS 3.1 Score 7.8 of 10 (high)
Attack Complexity low
Confidentiality high
Integrity high
Availability high
Privileges Required low
Scope unchanged
Details
Published Mar 12, 2024
Updated: Dec 27, 2024
CWE ID 122
CWE ID 787
Summary
CVE-2024-21330 is an elevation of privilege vulnerability affecting Open Management Infrastructure (OMI). Attackers can exploit this flaw to gain higher system privileges, potentially leading to unauthorized access or data theft. The vulnerability is due to an improper input validation issue in OMI's web-based interface. Successful exploitation requires no user interaction and can be achieved remotely over the network. Administrators are advised to apply the available patches promptly to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- System Center Operations Manager
Affected Vendors
- Microsoft