cbcvebase.
CVE-2022-33640
published 2022-08-09

CVE-2022-33640: System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability

PriorityP340high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.55%
41.9th percentile
System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability

Affected

12 ranges
VendorProductVersion rangeFixed in
microsoftopen_management_infrastructure< 1.6.10-21.6.10-2
microsoftopen_management_infrastructure>= 16.0 < 1.6.10-21.6.10-2
microsoftsystem_center_operations_manager
microsoftsystem_center_operations_manager
microsoftsystem_center_operations_manager
microsoftsystem_center_operations_manager_2016>= 7.6.0 < 7.6.1113.07.6.1113.0
microsoftsystem_center_operations_manager_2019>= 10.19.0 < 10.19.1158.010.19.1158.0
microsoftsystem_center_operations_manager_2022>= 10.22.0 < 10.22.1032.010.22.1032.0
msrcopen_management_infrastructure
msrcsystem_center_operations_manager_2016
msrcsystem_center_operations_manager_2019
msrcsystem_center_operations_manager_2022

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vendor_msrc7.8HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.

CVE-2022-33640 — Improper Privilege Management | cvebase