Microsoft System Center Operations Manager vulnerabilities

11 known vulnerabilities affecting microsoft/system_center_operations_manager.

Total CVEs
11
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH6MEDIUM4

Vulnerabilities

Page 1 of 1
CVE-2026-20967HIGHCVSS 8.8v2019v2022+1 more2026-03-10
CVE-2026-20967 [HIGH] CWE-20 CVE-2026-20967: Improper input validation in System Center Operations Manager allows an authorized attacker to eleva Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privileges over a network.
nvd
CVE-2025-27743HIGHCVSS 7.8v2019v2022+1 more2025-04-08
CVE-2025-27743 [HIGH] CWE-426 CVE-2025-27743: Untrusted search path in System Center allows an authorized attacker to elevate privileges locally. Untrusted search path in System Center allows an authorized attacker to elevate privileges locally.
nvd
CVE-2024-21334CRITICALCVSS 9.8v2019v20222024-03-12
CVE-2024-21334 [CRITICAL] CWE-416 CVE-2024-21334: Open Management Infrastructure (OMI) Remote Code Execution Vulnerability Open Management Infrastructure (OMI) Remote Code Execution Vulnerability
nvd
CVE-2024-21330HIGHCVSS 7.8v2019v20222024-03-12
CVE-2024-21330 [HIGH] CWE-122 CVE-2024-21330: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
nvd
CVE-2023-36043MEDIUMCVSS 6.5v2016v2019+1 more2023-11-14
CVE-2023-36043 [MEDIUM] CWE-200 CVE-2023-36043: Open Management Infrastructure Information Disclosure Vulnerability Open Management Infrastructure Information Disclosure Vulnerability
nvd
CVE-2022-33640HIGHCVSS 7.8v2016v2019+1 more2022-08-09
CVE-2022-33640 [HIGH] CWE-269 CVE-2022-33640: System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulner System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
nvd
CVE-2022-29149HIGHCVSS 7.8v2016v2019+1 more2022-06-15
CVE-2022-29149 [HIGH] CVE-2022-29149: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
nvd
CVE-2021-1728HIGHCVSS 8.8v20192021-02-25
CVE-2021-1728 [HIGH] CWE-269 CVE-2021-1728: System Center Operations Manager Elevation of Privilege Vulnerability System Center Operations Manager Elevation of Privilege Vulnerability
nvd
CVE-2015-2420MEDIUMCVSS 4.3v20122015-08-15
CVE-2015-2420 [MEDIUM] CWE-79 CVE-2015-2420: Cross-site scripting (XSS) vulnerability in Microsoft System Center 2012 Operations Manager Gold bef Cross-site scripting (XSS) vulnerability in Microsoft System Center 2012 Operations Manager Gold before Rollup 8, SP1 before Rollup 10, and R2 before Rollup 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "System Center Operations Manager Web Console XSS Vulnerability."
nvd
CVE-2013-0010MEDIUMCVSS 4.3v20072013-01-09
CVE-2013-0010 [MEDIUM] CVE-2013-0010: Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and R2 allows remote attackers to inject arbitrary web script or HTML via crafted input, aka "System Center Operations Manager Web Console XSS Vulnerability," a different vulnerability than CVE-2013-0009.
nvd
CVE-2013-0009MEDIUMCVSS 4.3v20072013-01-09
CVE-2013-0009 [MEDIUM] CWE-79 CVE-2013-0009: Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and R2 allows remote attackers to inject arbitrary web script or HTML via crafted input, aka "System Center Operations Manager Web Console XSS Vulnerability," a different vulnerability than CVE-2013-0010.
nvd