CVE-2022-29149
published 2022-06-15CVE-2022-29149: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
PriorityP339high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.91%
55.5th percentile
Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
Affected
32 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | azure_automation_update_management | >= 1.0.0 < OMS Agent for Linux GA v1.14.13 | OMS Agent for Linux GA v1.14.13 |
| microsoft | azure_diagnostics | >= 3.0 < 3.0.137 | 3.0.137 |
| microsoft | azure_diagnostics | >= 3.0.0 < LAD v4.0.27 and LAD v3.0.137 | LAD v4.0.27 and LAD v3.0.137 |
| microsoft | azure_diagnostics | >= 4.0 < 4.0.27 | 4.0.27 |
| microsoft | azure_security_center | < 1.14.13 | 1.14.13 |
| microsoft | azure_security_center | >= 1.0.0 < OMS Agent for Linux GA v1.14.13 | OMS Agent for Linux GA v1.14.13 |
| microsoft | azure_sentinel | < 1.14.13 | 1.14.13 |
| microsoft | azure_sentinel | >= 1.0.0 < OMS Agent for Linux GA v1.14.13 | OMS Agent for Linux GA v1.14.13 |
| microsoft | azure_stack_hub | < 1.14.13 | 1.14.13 |
| microsoft | azure_stack_hub | >= 1.0.0 < OMS Agent for Linux GA v1.14.13 | OMS Agent for Linux GA v1.14.13 |
| microsoft | container_monitoring_solution | >= 1.0.0 < publication | publication |
| microsoft | log_analytics_agent | >= 1.0.0 < OMS Agent for Linux GA v1.14.13 | OMS Agent for Linux GA v1.14.13 |
| microsoft | open_management_infrastructure | < 1.6.9-1 | 1.6.9-1 |
| microsoft | open_management_infrastructure | >= 16.0 < OMI Version 1.6.9-1 | OMI Version 1.6.9-1 |
| microsoft | system_center_operations_manager | — | — |
| microsoft | system_center_operations_manager | — | — |
| microsoft | system_center_operations_manager | — | — |
| microsoft | system_center_operations_manager_2016 | >= 7.6.0 < 7.6.1108.0 | 7.6.1108.0 |
| microsoft | system_center_operations_manager_2019 | >= 10.19.0 < 10.19.1152.0 | 10.19.1152.0 |
| microsoft | system_center_operations_manager_2022 | >= 10.22.0 < 10.22.1024.0 | 10.22.1024.0 |
| msrc | azure_automation_state_configuration_dsc_extension | — | — |
| msrc | azure_automation_update_management | — | — |
| msrc | azure_diagnostics | — | — |
| msrc | azure_security_center | — | — |
| msrc | azure_sentinel | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
vendor_msrc7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Tenable
Microsoft’s March 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-21407)
blogs_tenable·2024-03-12·CVSS 8.1
[HIGH] Microsoft’s March 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-21407)
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Wiz
Securing Azure middleware agents with new auto-patching capabilities | Wiz Blog
blogs_wiz·2022-08-05·CVSS 7.8
[HIGH] Securing Azure middleware agents with new auto-patching capabilities | Wiz Blog
In the past year, Wiz Research has shed light on cloud middleware , software that brokers between customer workloads and cloud providers’ managed services. The task of updating middleware software is not well defined by the cloud shared responsibility model and customers are often unaware of its existence and the attack surface it may expose.
As new vulnerabilities are discovered in cloud middleware software such as Microsoft OMI (Open Management Infrastructure), used by multiple popular Azure services (Azure Automation, Azure Log analytics Azure Sentinel and more), vendors release patches and customers are required to manually install them. Recently, as part of Microsoft’s June 2022 Patch Tuesday, an update was included to fix CVE-2022-29149 , a new local privilege escalation vulnerabili
Wiz
Securing Azure middleware agents with new auto-patching capabilities | Wiz Blog
blogs_wiz·2022-08-05·CVSS 7.8
[HIGH] Securing Azure middleware agents with new auto-patching capabilities | Wiz Blog
In the past year, Wiz Research has shed light on cloud middleware, software that brokers between customer workloads and cloud providers’ managed services. The task of updating middleware software is not well defined by the cloud shared responsibility model and customers are often unaware of its existence and the attack surface it may expose.
As new vulnerabilities are discovered in cloud middleware software such as Microsoft OMI (Open Management Infrastructure), used by multiple popular Azure services (Azure Automation, Azure Log analytics Azure Sentinel and more), vendors release patches and customers are required to manually install them. Recently, as part of Microsoft’s June 2022 Patch Tuesday, an update was included to fix CVE-2022-29149, a new local privilege escalation vulnerability
Wiz
Revisiting OMI: Analysis of CVE-2022-29149, a privilege escalation vulnerability in Azure OMI | Wiz Blog
blogs_wiz·2022-08-05·CVSS 9.8
CVE-2022-29149 [CRITICAL] Revisiting OMI: Analysis of CVE-2022-29149, a privilege escalation vulnerability in Azure OMI | Wiz Blog
In the last year, we invested time and effort researching cloud middleware , the software that bridges between customers' virtual machines and cloud providers’ managed services.
As part of June 2022 Patch Tuesday, Microsoft published a patch to fix a new privilege escalation vulnerability, CVE-2022-29149 in Open Management Infrastructure (OMI) , with a CVSS score of 7.8 (the highest score possible for vulnerabilities that allow local privilege escalation). OMI is cloud middleware software used by Azure, typically installed on Linux VMs without explicit customer notification, like most other cloud agents . This is the fifth known vulnerability affecting OMI. Wiz Research found and reported the previous four vulnerabilities in June 2021, including an unauthenticated remote code execution vu
Wiz
Revisiting OMI: Analysis of CVE-2022-29149, a privilege escalation vulnerability in Azure OMI | Wiz Blog
blogs_wiz·2022-08-05·CVSS 9.8
CVE-2022-29149 [CRITICAL] Revisiting OMI: Analysis of CVE-2022-29149, a privilege escalation vulnerability in Azure OMI | Wiz Blog
In the last year, we invested time and effort researching cloud middleware, the software that bridges between customers' virtual machines and cloud providers’ managed services.
As part of June 2022 Patch Tuesday, Microsoft published a patch to fix a new privilege escalation vulnerability, CVE-2022-29149 in Open Management Infrastructure (OMI), with a CVSS score of 7.8 (the highest score possible for vulnerabilities that allow local privilege escalation). OMI is cloud middleware software used by Azure, typically installed on Linux VMs without explicit customer notification, like most other cloud agents. This is the fifth known vulnerability affecting OMI. Wiz Research found and reported the previous four vulnerabilities in June 2021, including an unauthenticated remote code execution vulne
2022-06-15
Published