Skip to main content

System Center Operations Manager CVE-2021-1728

HIGH
Improper Privilege Management (CWE-269)
2021-02-25 secure@microsoft.com
8.8
CVSS 3.1 · Vendor: microsoft
Share

Severity by source

Vendor (microsoft) PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from Vendor (microsoft) · only source for this CVE.

CVSS VectorVendor: microsoft

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Feb 25, 2021 - 23:15 cve.org
HIGH 8.8

DescriptionCVE.org

System Center Operations Manager Elevation of Privilege Vulnerability

AnalysisAI

System Center Operations Manager Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Technical ContextAI

This vulnerability is classified as Improper Privilege Management (CWE-269), which allows attackers to escalate privileges to gain unauthorized elevated access. System Center Operations Manager Elevation of Privilege Vulnerability Affected products include: Microsoft System Center Operations Manager.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply principle of least privilege, validate privilege transitions, implement proper role separation.

CVE-2021-38647 CRITICAL POC
9.8 Sep 15

Open Management Infrastructure Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerabili

CVE-2021-38648 HIGH POC
7.8 Sep 15

Open Management Infrastructure Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability

CVE-2024-21334 CRITICAL
9.8 Mar 12

Open Management Infrastructure (OMI) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulne

CVE-2013-0010 MEDIUM
4.3 Jan 09

Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and R2 allows remote att

CVE-2013-0009 MEDIUM
4.3 Jan 09

Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and R2 allows remote att

CVE-2026-20967 HIGH
8.8 Mar 10

Privilege escalation in System Center Operations Manager via improper input validation enables authenticated network-bas

CVE-2025-27743 HIGH
7.8 Apr 08

Untrusted search path in System Center allows an authorized attacker to elevate privileges locally. Rated high severity

CVE-2024-21330 HIGH
7.8 Mar 12

Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerab

CVE-2022-33640 HIGH
7.8 Aug 09

System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability. Rated high

CVE-2022-29149 HIGH
7.8 Jun 15

Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerab

CVE-2021-38645 HIGH
7.8 Sep 15

Open Management Infrastructure Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability

CVE-2021-41352 HIGH
7.5 Oct 13

SCOM Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, n

Share

CVE-2021-1728 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy