System Center Operations Manager
CVE-2021-1728
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from Vendor (microsoft) · only source for this CVE.
CVSS VectorVendor: microsoft
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
System Center Operations Manager Elevation of Privilege Vulnerability
AnalysisAI
System Center Operations Manager Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Technical ContextAI
This vulnerability is classified as Improper Privilege Management (CWE-269), which allows attackers to escalate privileges to gain unauthorized elevated access. System Center Operations Manager Elevation of Privilege Vulnerability Affected products include: Microsoft System Center Operations Manager.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply principle of least privilege, validate privilege transitions, implement proper role separation.
Open Management Infrastructure Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerabili
Open Management Infrastructure Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability
Open Management Infrastructure (OMI) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulne
Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and R2 allows remote att
Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and R2 allows remote att
Privilege escalation in System Center Operations Manager via improper input validation enables authenticated network-bas
Untrusted search path in System Center allows an authorized attacker to elevate privileges locally. Rated high severity
Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerab
System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability. Rated high
Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerab
Open Management Infrastructure Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability
SCOM Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, n
Same weakness CWE-269 – Improper Privilege Management
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today