CVE-2021-38647 (OMIGOD): Critical Flaw Leaves Azure Linux VMs Vulnerable to Remote Code Execution

Agents installed by default on Azure Linux virtual machines are vulnerable to a remote code execution flaw that can be exploited with a single request.

Background

On September 14, researchers at Wiz disclosed a set of four vulnerabilities in Microsoft’s Open Management Infrastructure (OMI), an open source Common Information Model (CIM) management server used for managing Unix and Linux systems.

| CVE | Description | CVSSv3 | VPR |
|---|---|---|---|
| CVE-2021-38647 | Open Management Infrastructure Remote Code Execution Vulnerability | 9.8 | 9.4 |
| CVE-2021-38648 | Open Management Infrastructure Elevation of Privilege Vulnerability | 7.8 | 9.2 |
| CVE-2021-38645 | Open Management Infrastructure Elevation of Privilege Vulnerability | 7.8 | 9.2 |
| CVE-2021-38649 | Open Management Infrastructure Elevation of Privilege Vulnerability | 7.0 | 9.2 |

*Please note: Tenable’s Vulnerability Priority Rating (VPR) scores are calculated nightly. This blog post was published on September 17 and reflects VPR at that time.

The flaws, which are collectively referred to as “OMIGOD,” are found within OMI agents that are installed on Microsoft’s Azure
