CVE-2022-29149: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
First published: Wed Jun 15 2022(Updated: )
Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability.
Credit: secure@microsoft.com secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Azure Automation State Configuration | ||
| Microsoft Azure Automation Update Management | ||
| Microsoft Azure Diagnostics | >=3.0<3.0.137 | |
| Microsoft Azure Diagnostics | >=4.0<4.0.27 | |
| Microsoft Azure Security Center | <1.14.13 | |
| Microsoft Azure Sentinel | <1.14.13 | |
| Microsoft Azure Stack Hub | <1.14.13 | |
| Microsoft Container Monitoring Solution | ||
| Microsoft Log Analytics Agent | ||
| Microsoft Open Management Infrastructure | <1.6.9-1 | |
| Microsoft System Center Operations Manager | =2016 | |
| Microsoft System Center Operations Manager | =2019 | |
| Microsoft System Center Operations Manager | =2022 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2022-29149?
The severity of CVE-2022-29149 is high with a value of 7.8.
Which software is affected by CVE-2022-29149?
The following software are affected by CVE-2022-29149: Microsoft Azure Automation State Configuration, Microsoft Azure Automation Update Management, Microsoft Azure Diagnostics, Microsoft Open Management Infrastructure (OMI), Microsoft Container Monitoring Solution, Microsoft Open Management Infrastructure (OMI), Microsoft Open Management Infrastructure, Microsoft System Center Operations Manager.
How can I fix CVE-2022-29149?
Microsoft has released security updates to address CVE-2022-29149, so make sure to install the latest updates for the affected software.
Where can I find more information about CVE-2022-29149?
You can find more information about CVE-2022-29149 in the Microsoft Security Guidance Advisory: CVE-2022-29149.
- agent/author
- agent/type
- agent/event
- agent/description
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/title
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/microsoft
- canonical/microsoft azure automation state configuration
- canonical/microsoft azure automation update management
- canonical/microsoft azure diagnostics
- version/microsoft azure diagnostics/3.0
- version/microsoft azure diagnostics/4.0
- canonical/microsoft azure security center
- canonical/microsoft azure sentinel
- canonical/microsoft azure stack hub
- canonical/microsoft container monitoring solution
- canonical/microsoft log analytics agent
- canonical/microsoft open management infrastructure
- canonical/microsoft system center operations manager
- version/microsoft system center operations manager/2016
- version/microsoft system center operations manager/2019
- version/microsoft system center operations manager/2022