Vulnerabilities

Compute Instance with Vulnerable Open Management Infrastructure Installed

Risk Level

Imminent Compromised (2)

Platform(s)
Compliance Frameworks

Description

A group of vulnerabilities was found in Open Management Infrastructure (OMI) - an open source implementation of WMI for Linux which is used extensively by Azure services such as Azure Automation and Azure Diagnostics. These vulnerabilities can allow for Remote Code Execution and/or Local Privilege Escalation. The compute instance {AzureComputeVm} was found with a vulnerable version of OMI installed on it. For further information, visit: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38648

  • Recommended Mitigation

    Upgrade to the latest version of OMI by running `sudo apt-get install omi` or `sudo yum install omi`, or following the instructions described here: <a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38648" target="_blank" rel="noopener noreferrer">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38648</a>

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.