CVE-2022-29149

Summary

Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability

Affected Software

VendorProductVersion RangeStatus
MicrosoftAzure Automation State Configuration, DSC Extension2.0.0 < DSC Agent versions: 2.71.1.33, 3.0.0.7affected
MicrosoftAzure Automation Update Management1.0.0 < OMS Agent for Linux GA v1.14.13affected
MicrosoftLog Analytics Agent1.0.0 < OMS Agent for Linux GA v1.14.13affected
MicrosoftAzure Diagnostics (LAD)3.0.0 < LAD v4.0.27 and LAD v3.0.137affected
MicrosoftContainer Monitoring Solution1.0.0 < publicationaffected
MicrosoftAzure Security Center1.0.0 < OMS Agent for Linux GA v1.14.13affected
MicrosoftAzure Sentinel1.0.0 < OMS Agent for Linux GA v1.14.13affected
MicrosoftAzure Stack Hub1.0.0 < OMS Agent for Linux GA v1.14.13affected
MicrosoftOpen Management Infrastructure16.0 < OMI Version 1.6.9-1affected
MicrosoftSystem Center Operations Manager (SCOM) 202210.22.0 < 10.22.1024.0affected
MicrosoftSystem Center Operations Manager (SCOM) 201910.19.0 < 10.19.1152.0affected
MicrosoftSystem Center Operations Manager (SCOM) 20167.6.0 < 7.6.1108.0affected

Weaknesses

  • Elevation of Privilege

ADP Enrichment

CVE Program Container

Additional References

References