CVE-2022-29149
Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
Una Vulnerabilidad de ElevaciĆ³n de Privilegios en Azure Open Management Infrastructure (OMI)
Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-04-12 CVE Reserved
- 2022-06-15 CVE Published
- 2025-01-02 CVE Updated
- 2025-04-11 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29149 | 2023-12-20 |
| URL | Date | SRC |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29149 | 2025-01-02 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Azure Automation State Configuration Search vendor "Microsoft" for product "Azure Automation State Configuration" | - | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Azure Automation Update Management Search vendor "Microsoft" for product "Azure Automation Update Management" | - | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Azure Diagnostics Search vendor "Microsoft" for product "Azure Diagnostics" | >= 3.0 < 3.0.137 Search vendor "Microsoft" for product "Azure Diagnostics" and version " >= 3.0 < 3.0.137" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Azure Diagnostics Search vendor "Microsoft" for product "Azure Diagnostics" | >= 4.0 < 4.0.27 Search vendor "Microsoft" for product "Azure Diagnostics" and version " >= 4.0 < 4.0.27" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Azure Security Center Search vendor "Microsoft" for product "Azure Security Center" | < 1.14.13 Search vendor "Microsoft" for product "Azure Security Center" and version " < 1.14.13" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Azure Sentinel Search vendor "Microsoft" for product "Azure Sentinel" | < 1.14.13 Search vendor "Microsoft" for product "Azure Sentinel" and version " < 1.14.13" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Azure Stack Hub Search vendor "Microsoft" for product "Azure Stack Hub" | < 1.14.13 Search vendor "Microsoft" for product "Azure Stack Hub" and version " < 1.14.13" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Container Monitoring Solution Search vendor "Microsoft" for product "Container Monitoring Solution" | - | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Log Analytics Agent Search vendor "Microsoft" for product "Log Analytics Agent" | - | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Open Management Infrastructure Search vendor "Microsoft" for product "Open Management Infrastructure" | < 1.6.9-1 Search vendor "Microsoft" for product "Open Management Infrastructure" and version " < 1.6.9-1" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | System Center Operations Manager Search vendor "Microsoft" for product "System Center Operations Manager" | 2016 Search vendor "Microsoft" for product "System Center Operations Manager" and version "2016" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | System Center Operations Manager Search vendor "Microsoft" for product "System Center Operations Manager" | 2019 Search vendor "Microsoft" for product "System Center Operations Manager" and version "2019" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | System Center Operations Manager Search vendor "Microsoft" for product "System Center Operations Manager" | 2022 Search vendor "Microsoft" for product "System Center Operations Manager" and version "2022" | - |
Affected
| ||||||