CVE-2024-21330

CVSS 3.1 Score 7.8 of 10 (high)

Attack Complexity low
Confidentiality high
Integrity high
Availability high
Privileges Required low
Scope unchanged

Details

Published Mar 12, 2024
Updated: Dec 27, 2024
CWE ID 122
CWE ID 787

Summary

CVE-2024-21330 is an elevation of privilege vulnerability affecting Open Management Infrastructure (OMI). Attackers can exploit this flaw to gain higher system privileges, potentially leading to unauthorized access or data theft. The vulnerability is due to an improper input validation issue in OMI's web-based interface. Successful exploitation requires no user interaction and can be achieved remotely over the network. Administrators are advised to apply the available patches promptly to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • System Center Operations Manager

Affected Vendors

  • Microsoft