CVE-2021-38647: Microsoft Open Management Infrastructure (OMI) Remote Code

Microsoft Open Management Infrastructure (OMI) Remote Code Execution Vulnerability. Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing remote code execution.

• CISA KEV-listed (remediation due 2021-11-17)
• used in ransomware campaigns
• EPSS 94.4% (100.0% percentile)

Detection rules

• OMIGOD HTTP No Authentication RCE - CVE-2021-38647 high

Browse the CVE database

Read the full analysis on IntelFusions